Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
application policy infrastructure controller vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2020-3333
A vulnerability in the API of Cisco Application Services Engine Software could allow an unauthenticated, remote malicious user to update event policies on an affected device. The vulnerability is due to insufficient authentication of users who modify policies on an affected devic...
Cisco Application Policy Infrastructure Controller 1.1\\(0c\\)
Cisco Application Services Engine
2.1
CVSSv2
CVE-2020-3335
A vulnerability in the key store of Cisco Application Services Engine Software could allow an authenticated, local malicious user to read sensitive information of other users on an affected device. The vulnerability is due to insufficient authorization limitations. An attacker co...
Cisco Application Policy Infrastructure Controller 1.1\\(0c\\)
Cisco Application Services Engine
5
CVSSv2
CVE-2020-3139
A vulnerability in the out of band (OOB) management interface IP table rule programming for Cisco Application Policy Infrastructure Controller (APIC) could allow an unauthenticated, remote malicious user to bypass configured deny entries for specific IP ports. These IP ports woul...
Cisco Application Policy Infrastructure Controller
9
CVSSv2
CVE-2021-1579
A vulnerability in an API endpoint of Cisco Application Policy Infrastructure Controller (APIC) and Cisco Cloud Application Policy Infrastructure Controller (Cloud APIC) could allow an authenticated, remote attacker with Administrator read-only credentials to elevate privileges o...
Cisco Application Policy Infrastructure Controller
Cisco Cloud Application Policy Infrastructure Controller
1 Article
9
CVSSv2
CVE-2015-4235
Cisco Application Policy Infrastructure Controller (APIC) devices with software prior to 1.0(3o) and 1.1 prior to 1.1(1j) and Nexus 9000 ACI devices with software prior to 11.0(4o) and 11.1 prior to 11.1(1j) do not properly restrict access to the APIC filesystem, which allows rem...
Cisco Nx-os 11.0\\(2j\\)
Cisco Nx-os 11.0\\(2m\\)
Cisco Nx-os 11.0\\(1b\\)
Cisco Nx-os 11.0\\(1c\\)
Cisco Nx-os 11.0\\(3k\\)
Cisco Nx-os 11.0\\(3n\\)
Cisco Nx-os 11.0\\(1d\\)
Cisco Nx-os 11.0\\(1e\\)
Cisco Nx-os 11.0\\(4h\\)
Cisco Application Policy Infrastructure Controller \\(apic\\) 1.0\\(1e\\)
Cisco Nx-os 11.0\\(3f\\)
Cisco Nx-os 11.0\\(3i\\)
NA
CVE-2023-20230
A vulnerability in the restricted security domain implementation of Cisco Application Policy Infrastructure Controller (APIC) could allow an authenticated, remote malicious user to read, modify, or delete non-tenant policies (for example, access policies) created by users associa...
Cisco Application Policy Infrastructure Controller
10
CVSSv2
CVE-2020-5902
In BIG-IP versions 15.0.0-15.1.0.3, 14.1.0-14.1.2.5, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.1, the Traffic Management User Interface (TMUI), also referred to as the Configuration utility, has a Remote Code Execution (RCE) vulnerability in undisclosed pages.
F5 Big-ip Access Policy Manager
F5 Big-ip Advanced Firewall Manager
F5 Big-ip Advanced Web Application Firewall
F5 Big-ip Analytics
F5 Big-ip Application Acceleration Manager
F5 Big-ip Application Security Manager
F5 Big-ip Ddos Hybrid Defender
F5 Big-ip Domain Name System
F5 Big-ip Fraud Protection Service
F5 Big-ip Global Traffic Manager
F5 Big-ip Link Controller
F5 Big-ip Local Traffic Manager
F5 Big-ip Policy Enforcement Manager
F5 Ssl Orchestrator
90 Github repositories
6 Articles
4
CVSSv2
CVE-2015-4225
Cisco Application Policy Infrastructure Controller (APIC) 1.0(1.110a) and 1.0(1e) on Nexus 9000 devices does not properly implement RBAC health scoring, which allows remote authenticated users to obtain sensitive information via unspecified vectors, aka Bug ID CSCuq77485.
Cisco Nx-os 1.0\\(1.110a\\)
Cisco Nx-os 1.0\\(1e\\)
9.3
CVSSv2
CVE-2021-1388
A vulnerability in an API endpoint of Cisco ACI Multi-Site Orchestrator (MSO) installed on the Application Services Engine could allow an unauthenticated, remote malicious user to bypass authentication on an affected device. The vulnerability is due to improper token validation o...
Cisco Application Policy Infrastructure Controller 3.0\\(3i\\)
Cisco Aci Multi-site Orchestrator
7.2
CVSSv2
CVE-2019-1803
A vulnerability in the filesystem management for the Cisco Nexus 9000 Series Application Centric Infrastructure (ACI) Mode Switch Software could allow an authenticated, local attacker with administrator rights to gain elevated privileges as the root user on an affected device. Th...
Cisco Nexus 9000 Series Application Centric Infrastructure -
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
SSRF
buffer overflow
CVE-2023-28952
CVE-2023-41822
CVE-2024-27956
CVE-2023-7028
CVE-2024-34447
CVE-2024-34460
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »