Vulnslist

Cisco product, release, and evidence lookup

CVE-2018-0427

A vulnerability in the CronJob scheduler API of Cisco Digital Network Architecture (DNA) Center could allow an authenticated, remote attacker to perform a command injection attack. The vulnerability is due to incorrect input validation of user-supplied data. An attacker could exploit this vulnerability by sending a malicious packet. A successful exploit could allow the attacker to execute arbitrary commands with root privileges. Cisco Bug IDs: CSCvi42263.

SeverityHIGH
CVSS8.8
EPSS2.02% EPSS medium
CWECWE-77
KEV
Published
Modified

Public Affected Products

Product Advisory Evidence
Cisco Digital Network Architecture Center (DNA Center) cisco-sa-20180815-dna-injection Cisco CSAF ยท structured affected