How severe is CVE-2018-0440?

This vulnerability has a severity rating of HIGH with a CVSS score of 7.2 out of 10.

What type of vulnerability is CVE-2018-0440?

This is classified as CWE-264, which is a common weakness in software security.

CVE-2018-0440 - HIGH Severity | CVSS 7.2

Vulnerability Description

A vulnerability in the web interface of Cisco Data Center Network Manager could allow an authenticated application administrator to execute commands on the underlying operating system with root-level privileges. The vulnerability is due to incomplete input validation of user input within an HTTP request. An attacker could exploit this vulnerability by authenticating to the application and then sending a crafted HTTP request to the targeted application. A successful exploit could allow the authenticated attacker to issue commands on the underlying operating system as the root user.

Related Vulnerabilities

CVE-2015-5252

HIGH

CVSS:7.2(High)

vfs.c in smbd in Samba 3.x and 4.x before 4.1.22, 4.2.x before 4.2.7, and 4.3.x before 4.3.3, when share names with certain substring relationships exist, allows remote attackers to bypass intended fi...

CWE-2642015

CVE-2016-2281

HIGH

CVSS:7.2(High)

Untrusted search path vulnerability in ABB Panel Builder 800 5.1 allows local users to gain privileges via a Trojan horse DLL in the current working directory.

CWE-2642016

CVE-2016-8494

HIGH

CVSS:7.2(High)

Insufficient verification of uploaded files allows attackers with webui administrators privileges to perform arbitrary code execution by uploading a new webui theme.

CWE-2642016

CVE-2016-9097

HIGH

CVSS:7.2(High)

The Symantec Advanced Secure Gateway (ASG) 6.6 prior to 6.6.5.8, ProxySG 6.5 prior 6.5.10.6, ProxySG 6.6 prior to 6.6.5.8, and ProxySG 6.7 prior to 6.7.1.2 management consoles do not, under certain ci...

CWE-2642016

CVE-2016-9871

HIGH

CVSS:7.2(High)

EMC Isilon OneFS 7.2.1.0 - 7.2.1.3, EMC Isilon OneFS 7.2.0.x, EMC Isilon OneFS 7.1.1.0 - 7.1.1.10, EMC Isilon OneFS 7.1.0.x is affected by a privilege escalation vulnerability that could potentially b...

CWE-2642016

CVE-2018-13802

HIGH

CVSS:7.2(High)

A vulnerability has been identified in ROX II (All versions < V2.12.1). An authenticated attacker with a high-privileged user account access via SSH could circumvent restrictions in place and execute ...

CWE-2642018