VDB
CVE-2018-0427
CVE-2018-0427
PUBLISHED
CVSS 9 CRITICAL
A vulnerability in the CronJob scheduler API of Cisco Digital Network Architecture (DNA) Center could allow an authenticated, remote attacker to perform a command injection attack. The vulnerability is due to incorrect input validation of user-supplied data. An attacker could exploit this vulnerability by sending a malicious packet. A successful exploit could allow the attacker to execute arbitrary commands with root privileges. Cisco Bug IDs: CSCvi42263.
EPSS 2.02% · 84.1th percentile
Risk Scores
CVSS 2.0
9
EPSS Score
2.02%
84.1th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cisco Systems, Inc. | Digital Network Architecture (DNA) Center | unspecified |
| cisco | application_policy_infrastructure_controller_enterprise_module | * |
Exploit Intelligence
Timeline
- Aug 15, 2018 CVE Published
- Apr 14, 2021 EPSS Score
- Jun 23, 2021 EPSS Score
- Oct 26, 2021 EPSS Score
- Dec 27, 2021 EPSS Score
- Feb 28, 2022 EPSS Score
- Jul 3, 2022 EPSS Score
- Sep 5, 2022 EPSS Score
- Nov 6, 2022 EPSS Score
- Jan 8, 2023 EPSS Score
- Mar 11, 2023 EPSS Score
- May 13, 2023 EPSS Score