{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-18T10:38:22.868","vulnerabilities":[{"cve":{"id":"CVE-2018-0462","sourceIdentifier":"psirt@cisco.com","published":"2018-10-05T14:29:04.137","lastModified":"2024-11-21T03:38:16.963","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability in the user management functionality of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, remote attacker to perform a denial of service (DoS) attack against an affected system. The vulnerability is due to insufficient validation of user-provided input. An attacker could exploit this vulnerability by logging in with a highly privileged user account and performing a sequence of specific user management operations that interfere with the underlying operating system. A successful exploit could allow the attacker to permanently degrade the functionality of the affected system."},{"lang":"es","value":"Una vulnerabilidad en la funcionalidad de gestión de usuarios de Cisco Enterprise NFV Infrastructure Software (NFVIS) podría permitir que un atacante remoto autenticado realice un ataque de denegación de servicio (DoS) contra un sistema afectado. Esta vulnerabilidad se debe a una validación insuficiente de las entradas proporcionadas por el usuario. Un atacante podría explotar esta vulnerabilidad iniciando sesión con una cuenta de usuario con privilegios altos y realizando una secuencia de operaciones de gestión de usuarios específicas que interfieran con el sistema operativo subyacente. Su explotación con éxito podría permitir que el atacante degrade permanentemente la funcionalidad del sistema afectado."}],"metrics":{"cvssMetricV30":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H","baseScore":4.9,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.2,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:N/I:N/A:C","baseScore":6.8,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"COMPLETE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.0,"impactScore":6.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"psirt@cisco.com","type":"Secondary","description":[{"lang":"en","value":"CWE-20"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-20"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:enterprise_network_virtualization_software:nfvis-6.0:*:*:*:*:*:*:*","matchCriteriaId":"62321232-048A-4A3E-8F72-52D8790CC3C5"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:enterprise_network_virtualization_software:nfvis-8.0:*:*:*:*:*:*:*","matchCriteriaId":"060E1969-C4EB-4E8A-9007-984C89D8A853"}]}]}],"references":[{"url":"http://www.securityfocus.com/bid/105291","source":"psirt@cisco.com","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180905-nfvis-dos1","source":"psirt@cisco.com","tags":["Vendor Advisory"]},{"url":"http://www.securityfocus.com/bid/105291","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180905-nfvis-dos1","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}