Описание
A vulnerability in the CLI of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, local attacker to overwrite or read arbitrary files. The attacker would need valid administrator privilege-level credentials. This vulnerability is due to improper input validation of CLI command arguments. An attacker could exploit this vulnerability by using directory traversal techniques when executing a vulnerable command. A successful exploit could allow the attacker to overwrite or read arbitrary files on an affected device.
Уязвимые конфигурации
EPSS
6.7 Medium
CVSS3
6.7 Medium
CVSS3
4.6 Medium
CVSS2
Дефекты
Связанные уязвимости
A vulnerability in the CLI of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, local attacker to overwrite or read arbitrary files. The attacker would need valid administrator privilege-level credentials. This vulnerability is due to improper input validation of CLI command arguments. An attacker could exploit this vulnerability by using directory traversal techniques when executing a vulnerable command. A successful exploit could allow the attacker to overwrite or read arbitrary files on an affected device.
Уязвимость интерфейса командной строки (CLI) программного обеспечения инфраструктуры Cisco Enterprise NFV Infrastructure Software (NFVIS), позволяющая нарушителю читать и изменять произвольные файлы на уязвимом устройстве
EPSS
6.7 Medium
CVSS3
6.7 Medium
CVSS3
4.6 Medium
CVSS2