Cisco Network Functions Virtualization Infrastructure vulnerabilities

CVE-2018-0324 [MEDIUM] CWE-77 CVE-2018-0324: A vulnerability in the CLI of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an au A vulnerability in the CLI of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, high-privileged, local attacker to perform a command injection attack. The vulnerability is due to insufficient input validation of command parameters in the CLI parser. An attacker could exploit this vulnerability by invoking a vulnerable C

CVE-2018-0323 [MEDIUM] CWE-22 CVE-2018-0323: A vulnerability in the web management interface of Cisco Enterprise NFV Infrastructure Software (NFV A vulnerability in the web management interface of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, remote attacker to conduct a path traversal attack on a targeted system. The vulnerability is due to insufficient validation of web request parameters. An attacker who has access to the web management interface of the af