CVE-2018-0460

Name of the Vulnerable Software and Affected Versions Cisco Enterprise NFV Infrastructure Software (NFVIS) (affected versions not specified)

Description The issue is related to insufficient authorization and parameter validation checks in the REST API. An authenticated, remote attacker could exploit this by sending a malicious API request with low-privileged user credentials, potentially allowing them to read any file on the affected system.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.