cvelist/2019/1xxx/CVE-2019-1960.json

{
    "CVE_data_meta": {
        "ASSIGNER": "psirt@cisco.com",
        "DATE_PUBLIC": "2019-08-07T16:00:00-0700",
        "ID": "CVE-2019-1960",
        "STATE": "PUBLIC",
        "TITLE": "Cisco Enterprise NFV Infrastructure Software Arbitrary File Read Vulnerabilities"
    },
    "affects": {
        "vendor": {
            "vendor_data": [
                {
                    "product": {
                        "product_data": [
                            {
                                "product_name": "Cisco Enterprise NFV Infrastructure Software ",
                                "version": {
                                    "version_data": [
                                        {
                                            "affected": "<",
                                            "version_value": "n/a"
                                        }
                                    ]
                                }
                            }
                        ]
                    },
                    "vendor_name": "Cisco"
                }
            ]
        }
    },
    "data_format": "MITRE",
    "data_type": "CVE",
    "data_version": "4.0",
    "description": {
        "description_data": [
            {
                "lang": "eng",
                "value": "Multiple vulnerabilities in Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, local attacker to read arbitrary files on the underlying operating system (OS) of an affected device. For more information about these vulnerabilities, see the Details section of this advisory."
            }
        ]
    },
    "exploit": [
        {
            "lang": "eng",
            "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory. "
        }
    ],
    "impact": {
        "cvss": {
            "baseScore": "4.4",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N ",
            "version": "3.0"
        }
    },
    "problemtype": {
        "problemtype_data": [
            {
                "description": [
                    {
                        "lang": "eng",
                        "value": "CWE-20"
                    }
                ]
            }
        ]
    },
    "references": {
        "reference_data": [
            {
                "name": "20190807 Cisco Enterprise NFV Infrastructure Software Arbitrary File Read Vulnerabilities",
                "refsource": "CISCO",
                "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190807-nfv-read"
            }
        ]
    },
    "source": {
        "advisory": "cisco-sa-20190807-nfv-read",
        "defect": [
            [
                "CSCvm76669",
                "CSCvn12428"
            ]
        ],
        "discovery": "INTERNAL"
    }
}