Cisco Enterprise NFV Infrastructure Software CVE-2018-0279 Access Bypass Vulnerability
BID:104243
CVE-2018-279 |Info
Cisco Enterprise NFV Infrastructure Software CVE-2018-0279 Access Bypass Vulnerability
| Bugtraq ID: | 104243 |
| Class: | Design Error |
| CVE: |
CVE-2018-0279 |
| Remote: | Yes |
| Local: | No |
| Published: | May 16 2018 12:00AM |
| Updated: | May 16 2018 12:00AM |
| Credit: | Cisco |
| Vulnerable: |
Cisco Enterprise NFV Infrastructure Software (NFVIS) 3.7.1 Cisco Enterprise NFV Infrastructure Software (NFVIS) 3.6.3 |
| Not Vulnerable: |
Cisco Enterprise NFV Infrastructure Software (NFVIS) 3.8.1 |
Discussion
Cisco Enterprise NFV Infrastructure Software CVE-2018-0279 Access Bypass Vulnerability
Cisco Enterprise NFV Infrastructure Software is prone to an access-bypass vulnerability.
Successful exploits may allow an attacker to bypass certain security restrictions. This may allow the attacker to masquerade as a legitimate user, aiding in further attacks.
This issue is tracked by Cisco Bug ID CSCvh25026.
Cisco Enterprise NFV Infrastructure Software is prone to an access-bypass vulnerability.
Successful exploits may allow an attacker to bypass certain security restrictions. This may allow the attacker to masquerade as a legitimate user, aiding in further attacks.
This issue is tracked by Cisco Bug ID CSCvh25026.
Exploit / POC
Cisco Enterprise NFV Infrastructure Software CVE-2018-0279 Access Bypass Vulnerability
An attacker may use readily available tools to exploit this issue.
An attacker may use readily available tools to exploit this issue.
Solution / Fix
Cisco Enterprise NFV Infrastructure Software CVE-2018-0279 Access Bypass Vulnerability
Solution:
Updates are available. Please see the references or vendor advisory for more information.
Solution:
Updates are available. Please see the references or vendor advisory for more information.