← Back

Mobility Services Engine 3310 Firmware

mobility_services_engine_3310_firmware

Vendor: Cisco • 2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2018-0393
1Cisco
3Mobility Services Engine 3310 Firmware
Mobility Services Engine 3355 FirmwareMobility Services Engine 3365 Firmware
Nov 21, 2024
Jul 18, 2018
N/A· v4
6.5 MEDIUM· v3
4.0 MEDIUM· v2
A Read-Only User Effect Change vulnerability in the Policy Builder interface of Cisco Policy Suite could allow an authenticated, remote attacker to make policy changes in the Policy Builder interface. The vulnerability i...Show more
A Read-Only User Effect Change vulnerability in the Policy Builder interface of Cisco Policy Suite could allow an authenticated, remote attacker to make policy changes in the Policy Builder interface. The vulnerability is due to insufficient authorization controls. An attacker could exploit this vulnerability by accessing the Policy Builder interface and modifying an HTTP request. A successful exploit could allow the attacker to make changes to existing policies. Cisco Bug IDs: CSCvi35007.Show less
CVE-2018-0392
1Cisco
3Mobility Services Engine 3310 Firmware
Mobility Services Engine 3355 FirmwareMobility Services Engine 3365 Firmware
Nov 21, 2024
Jul 18, 2018
N/A· v4
5.5 MEDIUM· v3
2.1 LOW· v2
A vulnerability in the CLI of Cisco Policy Suite could allow an authenticated, local attacker to access files owned by another user. The vulnerability is due to insufficient access control permissions (i.e., World-Readab...Show more
A vulnerability in the CLI of Cisco Policy Suite could allow an authenticated, local attacker to access files owned by another user. The vulnerability is due to insufficient access control permissions (i.e., World-Readable). An attacker could exploit this vulnerability by logging in to the CLI. An exploit could allow the attacker to access potentially sensitive files that are owned by a different user. Cisco Bug IDs: CSCvh18087.Show less