Cisco Network Services Orchestrator — known CVE vulnerabilities
Every CVE whose affected-product data names Cisco Network Services Orchestrator, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVE-2018-0274 — CVSS 8.8 (high): A vulnerability in the CLI parser of Cisco Network Services Orchestrator (NSO) could allow an authenticated, remote attacker to execute…
CVE-2024-20381 — CVSS 8.8 (high): A vulnerability in the JSON-RPC API feature in Cisco Crosswork Network Services Orchestrator (NSO) and ConfD that is used by the web-based…
CVE-2024-20366 — CVSS 7.8 (high): A vulnerability in the Tail-f High Availability Cluster Communications (HCC) function pack of Cisco Crosswork Network Services Orchestrator…
CVE-2021-1572 — CVSS 7.8 (high): A vulnerability in ConfD could allow an authenticated, local attacker to execute arbitrary commands at the level of the account under which…
CVE-2018-0463 — CVSS 7.5 (high): A vulnerability in the Cisco Network Plug and Play server component of Cisco Network Services Orchestrator (NSO) could allow an…
CVE-2023-20040 — CVSS 5.5 (medium): A vulnerability in the NETCONF service of Cisco Network Services Orchestrator (NSO) could allow an authenticated, remote attacker to cause…
CVE-2021-1132 — CVSS 5.3 (medium): A vulnerability in the API subsystem and in the web-management interface of Cisco Network Services Orchestrator (NSO) could allow an…
CVE-2024-20369 — CVSS 4.7 (medium): A vulnerability in the web-based management interface of Cisco Crosswork Network Services Orchestrator (NSO) could allow an…
CVE-2020-3362 — CVSS 4.7 (medium): A vulnerability in the CLI of Cisco Network Services Orchestrator (NSO) could allow an authenticated, local attacker to access confidential…