Multiple vulnerabilities in Cisco Enterprise NFV Infrastructure Software
| Risk | Low |
| Patch available | YES |
| Number of vulnerabilities | 3 |
| CVE-ID | CVE-2018-0323 CVE-2018-0324 CVE-2018-0279 |
| CWE-ID | CWE-22 CWE-77 CWE-20 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software Subscribe |
Enterprise NFV Infrastructure Software Server applications / Virtualization software |
| Vendor | Cisco Systems, Inc |
Security Bulletin
This security bulletin contains information about 3 vulnerabilities.
1) Path traversal
EUVDB-ID: #VU12782
Risk: Low
CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-0323
CWE-ID:
CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Exploit availability: No
DescriptionThe vulnerability allows a remote authenticated attacker to obtain potentially sensitive information on the target system.
The weakness exists in the web management interface due to insufficient validation of web request parameters. A remote attacker who has access to the web management interface can send a specially crafted web request, trigger path traversal and gain access to potentially sensitive information.
MitigationUpdate to version 3.8.1.
Vulnerable software versionsEnterprise NFV Infrastructure Software: 3.6.1 - 3.7.1
External linksQ & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Command injection
EUVDB-ID: #VU12783
Risk: Low
CVSSv3.1: 5.8 [CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-0324
CWE-ID:
CWE-77 - Command injection
Exploit availability: No
DescriptionThe vulnerability allows a local authenticated attacker to execute arbitrary commands on the target system.
The weakness exists in the CLI parser due to insufficient input validation of command parameters. A local attacker can invoke a vulnerable CLI command with specially crafted parameters and execute arbitrary commands with a non-root user account on the underlying Linux operating system.
MitigationUpdate to version 3.8.1.
Vulnerable software versionsEnterprise NFV Infrastructure Software: 3.6.1 - 3.7.1
External linksQ & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Improper input validation
EUVDB-ID: #VU12784
Risk: Low
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-0279
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote authenticated attacker to execute arbitrary commands on the target system.
The weakness exists in the Secure Copy Protocol (SCP) server due to improper input validation of command arguments. A rmote attacker can use specially crafted arguments when opening a connection to the target device and gain shell access with a non-root user account to the underlying Linux operating system.
Update to version 3.8.1.
Vulnerable software versionsEnterprise NFV Infrastructure Software: 3.6.2 - 3.7.1
External linkshttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180516-nfvis
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
