Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

cisco application policy infrastructure controller software vulnerabilities and exploits

(subscribe to this query)
7.2
CVSSv2
CVE-2017-6768
A vulnerability in the build procedure for certain executable system files installed at boot time on Cisco Application Policy Infrastructure Controller (APIC) devices could allow an authenticated, local malicious user to gain root-level privileges. The vulnerability is due to a c...
Cisco Application Policy Infrastructure Controller 1.3\\(1\\)Cisco Application Policy Infrastructure Controller 1.1\\(1j\\)Cisco Application Policy Infrastructure Controller 2.0\\(1\\)Cisco Application Policy Infrastructure Controller 1.1\\(0.920a\\)Cisco Application Policy Infrastructure Controller 1.3\\(2\\)Cisco Application Policy Infrastructure Controller 1.3\\(2f\\)Cisco Application Policy Infrastructure Controller 1.2\\(2\\)Cisco Application Policy Infrastructure Controller 1.1\\(3f\\)Cisco Application Policy Infrastructure Controller 1.2 BaseCisco Application Policy Infrastructure Controller 1.2\\(3\\)Cisco Application Policy Infrastructure Controller 2.0 BaseCisco Application Policy Infrastructure Controller 1.2.2
4.6
CVSSv2
CVE-2017-6767
A vulnerability in Cisco Application Policy Infrastructure Controller (APIC) could allow an authenticated, remote malicious user to gain higher privileges than the account is assigned. The attacker will be granted the privileges of the last user to log in, regardless of whether t...
Cisco Application Policy Infrastructure Controller 1.0\\(3i\\)Cisco Application Policy Infrastructure Controller 1.1\\(3f\\)Cisco Application Policy Infrastructure Controller 1.3\\(1\\)Cisco Application Policy Infrastructure Controller 1.1\\(1j\\)Cisco Application Policy Infrastructure Controller 1.0\\(2j\\)Cisco Application Policy Infrastructure Controller 2.0 BaseCisco Application Policy Infrastructure Controller 1.0\\(3f\\)Cisco Application Policy Infrastructure Controller 1.2.2Cisco Application Policy Infrastructure Controller 1.2\\(3\\)Cisco Application Policy Infrastructure Controller 1.0\\(1h\\)Cisco Application Policy Infrastructure Controller 1.0\\(2m\\)Cisco Application Policy Infrastructure Controller 1.0\\(1k\\)Cisco Application Policy Infrastructure Controller 1.0\\(1n\\)Cisco Application Policy Infrastructure Controller 1.1\\(0.920a\\)Cisco Application Policy Infrastructure Controller 1.0\\(1e\\)Cisco Application Policy Infrastructure Controller 1.0\\(3n\\)Cisco Application Policy Infrastructure Controller 1.0\\(4h\\)Cisco Application Policy Infrastructure Controller 1.3\\(2f\\)Cisco Application Policy Infrastructure Controller 2.0\\(1\\)Cisco Application Policy Infrastructure Controller 1.0\\(4o\\)Cisco Application Policy Infrastructure Controller 1.0\\(3k\\)Cisco Application Policy Infrastructure Controller 1.2 Base
9
CVSSv2
CVE-2016-1302
Cisco Application Policy Infrastructure Controller (APIC) devices with software prior to 1.0(3h) and 1.1 prior to 1.1(1j) and Nexus 9000 ACI Mode switches with software prior to 11.0(3h) and 11.1 prior to 11.1(1j) allow remote authenticated users to bypass intended RBAC restricti...
Cisco Application Policy Infrastructure Controller 1.0\\\\\\(1k\\\\\\)Cisco Application Policy Infrastructure Controller 1.0\\\\\\(1h\\\\\\)Cisco Application Policy Infrastructure Controller 1.0\\\\\\(3f\\\\\\)Cisco Application Policy Infrastructure Controller 1.0\\\\\\(2m\\\\\\)Cisco Application Policy Infrastructure Controller 1.0\\\\\\(2j\\\\\\)Cisco Application Policy Infrastructure Controller 1.0\\\\\\(1n\\\\\\)Cisco Application Policy Infrastructure Controller 1.0\\\\\\(1e\\\\\\)Cisco Application Policy Infrastructure Controller 1.1\\\\\\(0.920a\\\\\\)Cisco Nx-os 11.0\\\\\\(3f\\\\\\)Cisco Nx-os 11.0\\\\\\(2m\\\\\\)Cisco Nx-os 11.0\\\\\\(1d\\\\\\)Cisco Nx-os 11.0\\\\\\(1c\\\\\\)Cisco Nx-os BaseCisco Nx-os 11.0\\\\\\(1b\\\\\\)Cisco Nx-os 11.0\\\\\\(2j\\\\\\)Cisco Nx-os 11.0\\\\\\(1e\\\\\\)
6.8
CVSSv2
CVE-2016-6413
The installation procedure on Cisco Application Policy Infrastructure Controller (APIC) devices 1.3(2f) mishandles binary files, which allows local users to obtain root access via unspecified vectors, aka Bug ID CSCva50496.
Cisco Application Policy Infrastructure Controller 1.3\\(2f\\)
6.4
CVSSv2
CVE-2021-1577
A vulnerability in an API endpoint of Cisco Application Policy Infrastructure Controller (APIC) and Cisco Cloud Application Policy Infrastructure Controller (Cloud APIC) could allow an unauthenticated, remote malicious user to read or write arbitrary files on an affected system. ...
Cisco Application Policy Infrastructure ControllerCisco Cloud Application Policy Infrastructure Controller
4.3
CVSSv2
CVE-2015-6337
Cross-site scripting (XSS) vulnerability in Cisco Application Policy Infrastructure Controller Enterprise Module (APIC-EM) 1.0.10 allows remote malicious users to inject arbitrary web script or HTML via a crafted hostname in an SNMP response, aka Bug ID CSCuw47238.
Cisco Application Policy Infrastructure Controller Enterprise Module 1.0.10Cisco Application Policy Infrastructure Controller Enterprise Module 1.0 Ga
5
CVSSv2
CVE-2019-1692
A vulnerability in the web-based management interface of Cisco Application Policy Infrastructure Controller (APIC) Software could allow an unauthenticated, remote malicious user to access sensitive system usage information. The vulnerability is due to a lack of proper data protec...
Cisco Application Policy Infrastructure ControllerCisco Application Policy Infrastructure Controller 8.3\\(1\\)s6
4.3
CVSSv2
CVE-2016-1305
Cross-site scripting (XSS) vulnerability in Cisco Application Policy Infrastructure Controller Enterprise Module (APIC-EM) 1.1 allows remote malicious users to inject arbitrary web script or HTML via vectors involving HTML entities, aka Bug ID CSCux15511.
Cisco Application Policy Infrastructure Controller Enterprise Module 1.1 Base
9
CVSSv2
CVE-2021-1578
A vulnerability in an API endpoint of Cisco Application Policy Infrastructure Controller (APIC) and Cisco Cloud Application Policy Infrastructure Controller (Cloud APIC) could allow an authenticated, remote malicious user to elevate privileges to Administrator on an affected devi...
Cisco Cloud Application Policy Infrastructure Controller 5.0\\(2h\\)Cisco Application Policy Infrastructure Controller 5.0\\(2h\\)Cisco Cloud Application Policy Infrastructure ControllerCisco Application Policy Infrastructure Controller
3.5
CVSSv2
CVE-2019-1838
A vulnerability in the web-based management interface of Cisco Application Policy Infrastructure Controller (APIC) could allow an authenticated, remote malicious user to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affecte...
Cisco Application Policy Infrastructure Controller 4.0\\(3d\\)Cisco Application Policy Infrastructure Controller 3.2\\(5d\\)
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895blind SQL injectionCVE-2024-5064CVE-2023-52677CVE-2023-52682CVE-2024-30051CVE-2024-35849remote attackersremote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook