VDB

CVE-2018-0377

CVE-2018-0377 PUBLISHED CVSS 7.5 HIGH

A vulnerability in the Open Systems Gateway initiative (OSGi) interface of Cisco Policy Suite before 18.1.0 could allow an unauthenticated, remote attacker to directly connect to the OSGi interface. The vulnerability is due to a lack of authentication. An attacker could exploit this vulnerability by directly connecting to the OSGi interface. An exploit could allow the attacker to access or change any files that are accessible by the OSGi process. Cisco Bug IDs: CSCvh18017.

EPSS 5.26% · 90.2th percentile

Risk Scores

CVSS 2.0
7.5
EPSS Score
5.26%
90.2th percentile

Affected Products

VendorProductVersions
ciscopolicy_suite0
ciscomobility_services_engine14.0.0
n/aCisco Policy Suite unknownCisco Policy Suite unknown

Exploit Intelligence

Timeline

  • Jul 18, 2018 CVE Published
  • Apr 14, 2021 EPSS Score
  • Jun 23, 2021 EPSS Score
  • Aug 24, 2021 EPSS Score
  • Dec 27, 2021 EPSS Score
  • Feb 28, 2022 EPSS Score
  • May 2, 2022 EPSS Score
  • Jul 3, 2022 EPSS Score
  • Sep 5, 2022 EPSS Score
  • Nov 6, 2022 EPSS Score
  • Mar 7, 2023 EPSS Score
  • Mar 11, 2023 EPSS Score

References

Open in Interactive Console →
$ Console Community · 100/wk Open console ›