Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cisco application policy infrastructure controller software vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2021-1582
A vulnerability in the web UI of Cisco Application Policy Infrastructure Controller (APIC) or Cisco Cloud APIC could allow an authenticated, remote malicious user to perform a stored cross-site scripting attack on an affected system. This vulnerability is due to improper input va...
Cisco Application Policy Infrastructure Controller
Cisco Cloud Application Policy Infrastructure Controller
6.5
CVSSv3
CVE-2019-1690
A vulnerability in the management interface of Cisco Application Policy Infrastructure Controller (APIC) software could allow an unauthenticated, adjacent malicious user to gain unauthorized access on an affected device. The vulnerability is due to a lack of proper access control...
Cisco Application Policy Infrastructure Controller
4.6
CVSSv3
CVE-2019-1586
A vulnerability in Cisco Application Policy Infrastructure Controller (APIC) Software could allow an unauthenticated, local attacker with physical access to obtain sensitive information from an affected device. The vulnerability is due to insecure removal of cleartext encryption ...
Cisco Application Policy Infrastructure Controller 4.1\\(0.90a\\)
8.8
CVSSv3
CVE-2018-0427
A vulnerability in the CronJob scheduler API of Cisco Digital Network Architecture (DNA) Center could allow an authenticated, remote malicious user to perform a command injection attack. The vulnerability is due to incorrect input validation of user-supplied data. An attacker cou...
Cisco Application Policy Infrastructure Controller Enterprise Module Dnac1.1
7.8
CVSSv3
CVE-2019-1682
A vulnerability in the FUSE filesystem functionality for Cisco Application Policy Infrastructure Controller (APIC) software could allow an authenticated, local malicious user to escalate privileges to root on an affected device. The vulnerability is due to insufficient input vali...
Cisco Application Policy Infrastructure Controller
7.8
CVSSv3
CVE-2018-0368
A vulnerability in Cisco Digital Network Architecture (DNA) Center could allow an authenticated, local malicious user to access sensitive information on an affected system. The vulnerability is due to insufficient security restrictions imposed by the affected software. An attacke...
Cisco Application Policy Infrastructure Controller Enterprise Module 1.1 Base
5.3
CVSSv3
CVE-2020-3333
A vulnerability in the API of Cisco Application Services Engine Software could allow an unauthenticated, remote malicious user to update event policies on an affected device. The vulnerability is due to insufficient authentication of users who modify policies on an affected devic...
Cisco Application Policy Infrastructure Controller 1.1\\(0c\\)
Cisco Application Services Engine
5.5
CVSSv3
CVE-2020-3335
A vulnerability in the key store of Cisco Application Services Engine Software could allow an authenticated, local malicious user to read sensitive information of other users on an affected device. The vulnerability is due to insufficient authorization limitations. An attacker co...
Cisco Application Policy Infrastructure Controller 1.1\\(0c\\)
Cisco Application Services Engine
5.3
CVSSv3
CVE-2020-3139
A vulnerability in the out of band (OOB) management interface IP table rule programming for Cisco Application Policy Infrastructure Controller (APIC) could allow an unauthenticated, remote malicious user to bypass configured deny entries for specific IP ports. These IP ports woul...
Cisco Application Policy Infrastructure Controller
10
CVSSv3
CVE-2021-1388
A vulnerability in an API endpoint of Cisco ACI Multi-Site Orchestrator (MSO) installed on the Application Services Engine could allow an unauthenticated, remote malicious user to bypass authentication on an affected device. The vulnerability is due to improper token validation o...
Cisco Application Policy Infrastructure Controller 3.0\\(3i\\)
Cisco Aci Multi-site Orchestrator
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »