← back
CVE-2018-0374

CVE-2018-0374

EPSS 2.7%CWE-306
Vexday Risk Score
3Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS EPSS 2.7%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
18 Jul 2018Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
A vulnerability in the Policy Builder database of Cisco Policy Suite before 18.2.0 could allow an unauthenticated, remote attacker to connect directly to the Policy Builder database. The vulnerability is due to a lack of authentication. An attacker could exploit this vulnerability by connecting directly to the Policy Builder database. A successful exploit could allow the attacker to access and change any data in the Policy Builder database. Cisco Bug IDs: CSCvh06134.
Affected products
n/a · Cisco Policy Suite unknown

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180718-policy-unauth-accesshttp://www.securityfocus.com/bid/104851