cisco application policy infrastructure controller 2.0 base vulnerabilities and exploits

(subscribe to this query)

A vulnerability in the build procedure for certain executable system files installed at boot time on Cisco Application Policy Infrastructure Controller (APIC) devices could allow an authenticated, local malicious user to gain root-level privileges. The vulnerability is due to a c...

Cisco Application Policy Infrastructure Controller 1.3\\(1\\)Cisco Application Policy Infrastructure Controller 1.1\\(1j\\)Cisco Application Policy Infrastructure Controller 2.0\\(1\\)Cisco Application Policy Infrastructure Controller 1.1\\(0.920a\\)Cisco Application Policy Infrastructure Controller 1.3\\(2\\)Cisco Application Policy Infrastructure Controller 1.3\\(2f\\)Cisco Application Policy Infrastructure Controller 1.2\\(2\\)Cisco Application Policy Infrastructure Controller 1.1\\(3f\\)Cisco Application Policy Infrastructure Controller 1.2 Base Cisco Application Policy Infrastructure Controller 1.2\\(3\\)Cisco Application Policy Infrastructure Controller 2.0 Base Cisco Application Policy Infrastructure Controller 1.2.2

A vulnerability in Cisco Application Policy Infrastructure Controller (APIC) could allow an authenticated, remote malicious user to gain higher privileges than the account is assigned. The attacker will be granted the privileges of the last user to log in, regardless of whether t...

Cisco Application Policy Infrastructure Controller 1.0\\(3i\\)Cisco Application Policy Infrastructure Controller 1.1\\(3f\\)Cisco Application Policy Infrastructure Controller 1.3\\(1\\)Cisco Application Policy Infrastructure Controller 1.1\\(1j\\)Cisco Application Policy Infrastructure Controller 1.0\\(2j\\)Cisco Application Policy Infrastructure Controller 2.0 Base Cisco Application Policy Infrastructure Controller 1.0\\(3f\\)Cisco Application Policy Infrastructure Controller 1.2.2 Cisco Application Policy Infrastructure Controller 1.2\\(3\\)Cisco Application Policy Infrastructure Controller 1.0\\(1h\\)Cisco Application Policy Infrastructure Controller 1.0\\(2m\\)Cisco Application Policy Infrastructure Controller 1.0\\(1k\\)Cisco Application Policy Infrastructure Controller 1.0\\(1n\\)Cisco Application Policy Infrastructure Controller 1.1\\(0.920a\\)Cisco Application Policy Infrastructure Controller 1.0\\(1e\\)Cisco Application Policy Infrastructure Controller 1.0\\(3n\\)Cisco Application Policy Infrastructure Controller 1.0\\(4h\\)Cisco Application Policy Infrastructure Controller 1.3\\(2f\\)Cisco Application Policy Infrastructure Controller 2.0\\(1\\)Cisco Application Policy Infrastructure Controller 1.0\\(4o\\)Cisco Application Policy Infrastructure Controller 1.0\\(3k\\)Cisco Application Policy Infrastructure Controller 1.2 Base

Apache Log4j2 2.0-beta9 up to and including 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can contr...

2 Metasploit modules1160 Github repositories28 Articles

Apache Log4j2 versions 2.0-beta7 up to and including 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4) are vulnerable to a remote code execution (RCE) attack when a configuration uses a JDBC Appender with a JNDI LDAP data source URI when an attacker has control of the tar...

34 Github repositories4 Articles

Apache Log4j2 versions 2.0-alpha1 up to and including 2.16.0 (excluding 2.12.3 and 2.3.1) did not protect from uncontrolled recursion from self-referential lookups. This allows an attacker with control over Thread Context Map data to cause a denial of service when a crafted strin...

74 Github repositories5 Articles

It was found that the fix to address CVE-2021-44228 in Apache Log4j 2.15.0 was incomplete in certain non-default configurations. This could allows attackers with control over Thread Context Map (MDC) input data when the logging configuration uses a non-default Pattern Layout with...

195 Github repositories9 Articles

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook