Shodan
Vulnerabilities
Vulnerable Software
Cisco:  >> Enterprise Network Function Virtualization Infrastructure  Security Vulnerabilities
CVE-2019-1959
Multiple vulnerabilities in Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, local attacker to read arbitrary files on the underlying operating system (OS) of an affected device. For more information about these vulnerabilities, see the Details section of this advisory.
CVSS Score
4.4
EPSS Score
0.001
Published
2019-08-08
CVE-2019-1960
Multiple vulnerabilities in Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, local attacker to read arbitrary files on the underlying operating system (OS) of an affected device. For more information about these vulnerabilities, see the Details section of this advisory.
CVSS Score
4.4
EPSS Score
0.001
Published
2019-08-08
CVE-2019-1961
A vulnerability in Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, remote attacker to read arbitrary files on the underlying operating system (OS) of an affected device. The vulnerability is due to the improper input validation of tar packages uploaded through the Web Portal to the Image Repository. An attacker could exploit this vulnerability by uploading a crafted tar package and viewing the log entries that are generated. A successful exploit could allow the attacker to read arbitrary files on the underlying OS.
CVSS Score
4.9
EPSS Score
0.003
Published
2019-08-08
CVE-2019-1895
A vulnerability in the Virtual Network Computing (VNC) console implementation of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an unauthenticated, remote attacker to access the VNC console session of an administrative user on an affected device. The vulnerability is due to an insufficient authentication mechanism used to establish a VNC session. An attacker could exploit this vulnerability by intercepting an administrator VNC session request prior to login. A successful exploit could allow the attacker to watch the administrator console session or interact with it, allowing admin access to the affected device.
CVSS Score
9.8
EPSS Score
0.024
Published
2019-08-07


Products
Pricing
Contact Us

Shodan ® - All rights reserved