Vulmon Recent Vulnerabilities Product List Research Posts Trends Blog About Contact

application policy infrastructure controller vulnerabilities and exploits

(subscribe to this query)
7.2
CVSSv2

CVE-2016-1420

The installation component on Cisco Application Policy Infrastructure Controller (APIC) devices with software prior to 1.3(2f) mishandles binary files, which allows local users to obtain root access via unspecified vectors, aka Bug ID CSCuz72347.
Cisco Application Infrastructure Controller -Cisco Application Policy Infrastructure Controller Firmware 1.0(1e)Cisco Application Policy Infrastructure Controller Firmware 1.0(1h)Cisco Application Policy Infrastructure Controller Firmware 1.0(1k)Cisco Application Policy Infrastructure Controller Firmware 1.0(1n)Cisco Application Policy Infrastructure Controller Firmware 1.0(2j)Cisco Application Policy Infrastructure Controller Firmware 1.0(2m)Cisco Application Policy Infrastructure Controller Firmware 1.0(3f)Cisco Application Policy Infrastructure Controller Firmware 1.0(3i)Cisco Application Policy Infrastructure Controller Firmware 1.0(3k)Cisco Application Policy Infrastructure Controller Firmware 1.0(3n)Cisco Application Policy Infrastructure Controller Firmware 1.0(4h)Cisco Application Policy Infrastructure Controller Firmware 1.0(4o)Cisco Application Policy Infrastructure Controller Firmware 1.1(0.920a)Cisco Application Policy Infrastructure Controller Firmware 1.1(1j)Cisco Application Policy Infrastructure Controller Firmware 1.1(3f)
7.2
CVSSv2

CVE-2017-6768

A vulnerability in the build procedure for certain executable system files installed at boot time on Cisco Application Policy Infrastructure Controller (APIC) devices could allow an authenticated, local malicious user to gain root-level privileges. The vulnerability is due to a c...
Cisco Application Policy Infrastructure Controller 1.2(3)Cisco Application Policy Infrastructure Controller 2.0 BaseCisco Application Policy Infrastructure Controller 1.2.2Cisco Application Policy Infrastructure Controller 1.1(3f)Cisco Application Policy Infrastructure Controller 1.2(2)Cisco Application Policy Infrastructure Controller 1.3(2)Cisco Application Policy Infrastructure Controller 1.2 BaseCisco Application Policy Infrastructure Controller 2.0(1)Cisco Application Policy Infrastructure Controller 1.3(1)Cisco Application Policy Infrastructure Controller 1.1(0.920a)Cisco Application Policy Infrastructure Controller 1.3(2f)Cisco Application Policy Infrastructure Controller 1.1(1j)
4.6
CVSSv2

CVE-2017-6767

A vulnerability in Cisco Application Policy Infrastructure Controller (APIC) could allow an authenticated, remote malicious user to gain higher privileges than the account is assigned. The attacker will be granted the privileges of the last user to log in, regardless of whether t...
Cisco Application Policy Infrastructure Controller 1.2(3)Cisco Application Policy Infrastructure Controller 1.0(4o)Cisco Application Policy Infrastructure Controller 1.0(4h)Cisco Application Policy Infrastructure Controller 1.0(3i)Cisco Application Policy Infrastructure Controller 2.0 BaseCisco Application Policy Infrastructure Controller 1.0(2j)Cisco Application Policy Infrastructure Controller 1.0(1n)Cisco Application Policy Infrastructure Controller 1.0(2m)Cisco Application Policy Infrastructure Controller 1.2.2Cisco Application Policy Infrastructure Controller 1.1(3f)Cisco Application Policy Infrastructure Controller 1.2(2)Cisco Application Policy Infrastructure Controller 1.0(1h)Cisco Application Policy Infrastructure Controller 1.0(3k)Cisco Application Policy Infrastructure Controller 1.0(3n)Cisco Application Policy Infrastructure Controller 1.3(2)Cisco Application Policy Infrastructure Controller 1.0(3f)Cisco Application Policy Infrastructure Controller 1.2 BaseCisco Application Policy Infrastructure Controller 1.0(1e)Cisco Application Policy Infrastructure Controller 2.0(1)Cisco Application Policy Infrastructure Controller 1.0(1k)Cisco Application Policy Infrastructure Controller 1.3(1)Cisco Application Policy Infrastructure Controller 1.1(0.920a)
4.3
CVSSv2

CVE-2016-1305

Cross-site scripting (XSS) vulnerability in Cisco Application Policy Infrastructure Controller Enterprise Module (APIC-EM) 1.1 allows remote malicious users to inject arbitrary web script or HTML via vectors involving HTML entities, aka Bug ID CSCux15511.
Cisco Application Policy Infrastructure Controller Enterprise Module 1.1 Base
4.3
CVSSv2

CVE-2015-6337

Cross-site scripting (XSS) vulnerability in Cisco Application Policy Infrastructure Controller Enterprise Module (APIC-EM) 1.0.10 allows remote malicious users to inject arbitrary web script or HTML via a crafted hostname in an SNMP response, aka Bug ID CSCuw47238.
Cisco Application Policy Infrastructure Controller Enterprise Module 1.0 GaCisco Application Policy Infrastructure Controller Enterprise Module 1.0.10
10
CVSSv2

CVE-2021-1393

Multiple vulnerabilities in Cisco Application Services Engine could allow an unauthenticated, remote malicious user to gain privileged access to host-level operations or to learn device-specific information, create diagnostic files, and make limited configuration changes. For mor...
Cisco Application Services EngineCisco Application Policy Infrastructure Controller 1.1.3
6.4
CVSSv2

CVE-2021-1396

Multiple vulnerabilities in Cisco Application Services Engine could allow an unauthenticated, remote malicious user to gain privileged access to host-level operations or to learn device-specific information, create diagnostic files, and make limited configuration changes. For mor...
Cisco Application Services EngineCisco Application Policy Infrastructure Controller 1.1.3
5.8
CVSSv2

CVE-2017-12262

A vulnerability within the firewall configuration of the Cisco Application Policy Infrastructure Controller Enterprise Module (APIC-EM) could allow an unauthenticated, adjacent malicious user to gain privileged access to services only available on the internal network of the devi...
Cisco Application Policy Infrastructure Controller Enterprise Module
5
CVSSv2

CVE-2016-1386

The API in Cisco Application Policy Infrastructure Controller Enterprise Module (APIC-EM) 1.0(1) allows remote malicious users to spoof administrative notifications via crafted attribute-value pairs, aka Bug ID CSCux15521.
Cisco Application Policy Infrastructure Controller Enterprise Module 1.0.(1)
4.6
CVSSv2

CVE-2015-6333

Cisco Application Policy Infrastructure Controller (APIC) 1.1j allows local users to gain privileges via vectors involving addition of an SSH key, aka Bug ID CSCuw46076.
Cisco Application Policy Infrastructure Controller 1.1(1j)
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37884CVE-2024-6003remotebrute forceinformation disclosureCVE-2024-27801CVE-2024-30078CVE-2024-31870CVE-2024-6042
Vulmon Logo Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook