Vulmon Recent Vulnerabilities Product List Research Posts Trends Blog About Contact

cisco application policy infrastructure controller vulnerabilities and exploits

(subscribe to this query)
7.8
CVSSv3

CVE-2016-1420

The installation component on Cisco Application Policy Infrastructure Controller (APIC) devices with software prior to 1.3(2f) mishandles binary files, which allows local users to obtain root access via unspecified vectors, aka Bug ID CSCuz72347.
Cisco Application Infrastructure Controller -Cisco Application Policy Infrastructure Controller Firmware 1.0(1e)Cisco Application Policy Infrastructure Controller Firmware 1.0(1h)Cisco Application Policy Infrastructure Controller Firmware 1.0(1k)Cisco Application Policy Infrastructure Controller Firmware 1.0(1n)Cisco Application Policy Infrastructure Controller Firmware 1.0(2j)Cisco Application Policy Infrastructure Controller Firmware 1.0(2m)Cisco Application Policy Infrastructure Controller Firmware 1.0(3f)Cisco Application Policy Infrastructure Controller Firmware 1.0(3i)Cisco Application Policy Infrastructure Controller Firmware 1.0(3k)Cisco Application Policy Infrastructure Controller Firmware 1.0(3n)Cisco Application Policy Infrastructure Controller Firmware 1.0(4h)Cisco Application Policy Infrastructure Controller Firmware 1.0(4o)Cisco Application Policy Infrastructure Controller Firmware 1.1(0.920a)Cisco Application Policy Infrastructure Controller Firmware 1.1(1j)Cisco Application Policy Infrastructure Controller Firmware 1.1(3f)
7.8
CVSSv3

CVE-2017-6768

A vulnerability in the build procedure for certain executable system files installed at boot time on Cisco Application Policy Infrastructure Controller (APIC) devices could allow an authenticated, local malicious user to gain root-level privileges. The vulnerability is due to a c...
Cisco Application Policy Infrastructure Controller 1.2(3)Cisco Application Policy Infrastructure Controller 2.0 BaseCisco Application Policy Infrastructure Controller 1.2.2Cisco Application Policy Infrastructure Controller 1.1(3f)Cisco Application Policy Infrastructure Controller 1.2(2)Cisco Application Policy Infrastructure Controller 1.3(2)Cisco Application Policy Infrastructure Controller 1.2 BaseCisco Application Policy Infrastructure Controller 2.0(1)Cisco Application Policy Infrastructure Controller 1.3(1)Cisco Application Policy Infrastructure Controller 1.1(0.920a)Cisco Application Policy Infrastructure Controller 1.3(2f)Cisco Application Policy Infrastructure Controller 1.1(1j)
7.1
CVSSv3

CVE-2017-6767

A vulnerability in Cisco Application Policy Infrastructure Controller (APIC) could allow an authenticated, remote malicious user to gain higher privileges than the account is assigned. The attacker will be granted the privileges of the last user to log in, regardless of whether t...
Cisco Application Policy Infrastructure Controller 1.2(3)Cisco Application Policy Infrastructure Controller 1.0(4o)Cisco Application Policy Infrastructure Controller 1.0(4h)Cisco Application Policy Infrastructure Controller 1.0(3i)Cisco Application Policy Infrastructure Controller 2.0 BaseCisco Application Policy Infrastructure Controller 1.0(2j)Cisco Application Policy Infrastructure Controller 1.0(1n)Cisco Application Policy Infrastructure Controller 1.0(2m)Cisco Application Policy Infrastructure Controller 1.2.2Cisco Application Policy Infrastructure Controller 1.1(3f)Cisco Application Policy Infrastructure Controller 1.2(2)Cisco Application Policy Infrastructure Controller 1.0(1h)Cisco Application Policy Infrastructure Controller 1.0(3k)Cisco Application Policy Infrastructure Controller 1.0(3n)Cisco Application Policy Infrastructure Controller 1.3(2)Cisco Application Policy Infrastructure Controller 1.0(3f)Cisco Application Policy Infrastructure Controller 1.2 BaseCisco Application Policy Infrastructure Controller 1.0(1e)Cisco Application Policy Infrastructure Controller 2.0(1)Cisco Application Policy Infrastructure Controller 1.0(1k)Cisco Application Policy Infrastructure Controller 1.3(1)Cisco Application Policy Infrastructure Controller 1.1(0.920a)
6.1
CVSSv3

CVE-2015-6337

Cross-site scripting (XSS) vulnerability in Cisco Application Policy Infrastructure Controller Enterprise Module (APIC-EM) 1.0.10 allows remote malicious users to inject arbitrary web script or HTML via a crafted hostname in an SNMP response, aka Bug ID CSCuw47238.
Cisco Application Policy Infrastructure Controller Enterprise Module 1.0 GaCisco Application Policy Infrastructure Controller Enterprise Module 1.0.10
9.8
CVSSv3

CVE-2021-1393

Multiple vulnerabilities in Cisco Application Services Engine could allow an unauthenticated, remote malicious user to gain privileged access to host-level operations or to learn device-specific information, create diagnostic files, and make limited configuration changes. For mor...
Cisco Application Services EngineCisco Application Policy Infrastructure Controller 1.1.3
6.5
CVSSv3

CVE-2021-1396

Multiple vulnerabilities in Cisco Application Services Engine could allow an unauthenticated, remote malicious user to gain privileged access to host-level operations or to learn device-specific information, create diagnostic files, and make limited configuration changes. For mor...
Cisco Application Services EngineCisco Application Policy Infrastructure Controller 1.1.3
6.1
CVSSv3

CVE-2016-1305

Cross-site scripting (XSS) vulnerability in Cisco Application Policy Infrastructure Controller Enterprise Module (APIC-EM) 1.1 allows remote malicious users to inject arbitrary web script or HTML via vectors involving HTML entities, aka Bug ID CSCux15511.
Cisco Application Policy Infrastructure Controller Enterprise Module 1.1 Base
8.8
CVSSv3

CVE-2017-12262

A vulnerability within the firewall configuration of the Cisco Application Policy Infrastructure Controller Enterprise Module (APIC-EM) could allow an unauthenticated, adjacent malicious user to gain privileged access to services only available on the internal network of the devi...
Cisco Application Policy Infrastructure Controller Enterprise Module
6.5
CVSSv3

CVE-2016-6457

A vulnerability in the Cisco Nexus 9000 Series Platform Leaf Switches for Application Centric Infrastructure (ACI) could allow an unauthenticated, adjacent malicious user to cause a denial of service (DoS) condition on the affected device. This vulnerability affects Cisco Nexus 9...
Cisco Application Policy Infrastructure Controller 1.2(3)Cisco Application Policy Infrastructure Controller 1.2(2)Cisco Application Policy Infrastructure Controller 1.3(2)Cisco Application Policy Infrastructure Controller 2.0(1)Cisco Application Policy Infrastructure Controller 1.3(1)Cisco Nx-os 11.2(2g)Cisco Nx-os 11.2(2h)Cisco Nx-os 11.2(2i)Cisco Nx-os 11.2(3c)Cisco Nx-os 11.2(3e)Cisco Nx-os 11.2(3h)Cisco Nx-os 11.3(1i)Cisco Nx-os 11.3(2f)Cisco Nx-os 11.3(2h)Cisco Nx-os 11.3(2i)Cisco Nx-os 12.0(1m)Cisco Nx-os 12.0(1n)Cisco Nx-os 12.0(1o)Cisco Nx-os 12.0(1p)Cisco Nx-os 12.0(1q)
6.5
CVSSv3

CVE-2019-1690

A vulnerability in the management interface of Cisco Application Policy Infrastructure Controller (APIC) software could allow an unauthenticated, adjacent malicious user to gain unauthorized access on an affected device. The vulnerability is due to a lack of proper access control...
Cisco Application Policy Infrastructure Controller
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusionIMAPCVE-2024-36103CVE-2024-28995CVE-2024-37325CVE-2024-30078CVE-2024-30082SQL injectionCVE-2024-30052
Vulmon Logo Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook