Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cisco application policy infrastructure controller vulnerabilities and exploits
(subscribe to this query)
2.1
CVSSv2
CVE-2020-3335
A vulnerability in the key store of Cisco Application Services Engine Software could allow an authenticated, local malicious user to read sensitive information of other users on an affected device. The vulnerability is due to insufficient authorization limitations. An attacker co...
Cisco Application Policy Infrastructure Controller 1.1\\(0c\\)
Cisco Application Services Engine
7.2
CVSSv2
CVE-2019-1682
A vulnerability in the FUSE filesystem functionality for Cisco Application Policy Infrastructure Controller (APIC) software could allow an authenticated, local malicious user to escalate privileges to root on an affected device. The vulnerability is due to insufficient input vali...
Cisco Application Policy Infrastructure Controller
9
CVSSv2
CVE-2015-4235
Cisco Application Policy Infrastructure Controller (APIC) devices with software prior to 1.0(3o) and 1.1 prior to 1.1(1j) and Nexus 9000 ACI devices with software prior to 11.0(4o) and 11.1 prior to 11.1(1j) do not properly restrict access to the APIC filesystem, which allows rem...
Cisco Nx-os 11.0\\(2j\\)
Cisco Nx-os 11.0\\(2m\\)
Cisco Nx-os 11.0\\(1b\\)
Cisco Nx-os 11.0\\(1c\\)
Cisco Nx-os 11.0\\(3k\\)
Cisco Nx-os 11.0\\(3n\\)
Cisco Nx-os 11.0\\(1d\\)
Cisco Nx-os 11.0\\(1e\\)
Cisco Nx-os 11.0\\(4h\\)
Cisco Application Policy Infrastructure Controller \\(apic\\) 1.0\\(1e\\)
Cisco Nx-os 11.0\\(3f\\)
Cisco Nx-os 11.0\\(3i\\)
5
CVSSv2
CVE-2020-3139
A vulnerability in the out of band (OOB) management interface IP table rule programming for Cisco Application Policy Infrastructure Controller (APIC) could allow an unauthenticated, remote malicious user to bypass configured deny entries for specific IP ports. These IP ports woul...
Cisco Application Policy Infrastructure Controller
4
CVSSv2
CVE-2015-4225
Cisco Application Policy Infrastructure Controller (APIC) 1.0(1.110a) and 1.0(1e) on Nexus 9000 devices does not properly implement RBAC health scoring, which allows remote authenticated users to obtain sensitive information via unspecified vectors, aka Bug ID CSCuq77485.
Cisco Nx-os 1.0\\(1.110a\\)
Cisco Nx-os 1.0\\(1e\\)
9
CVSSv2
CVE-2021-1579
A vulnerability in an API endpoint of Cisco Application Policy Infrastructure Controller (APIC) and Cisco Cloud Application Policy Infrastructure Controller (Cloud APIC) could allow an authenticated, remote attacker with Administrator read-only credentials to elevate privileges o...
Cisco Application Policy Infrastructure Controller
Cisco Cloud Application Policy Infrastructure Controller
1 Article
9.3
CVSSv2
CVE-2021-1388
A vulnerability in an API endpoint of Cisco ACI Multi-Site Orchestrator (MSO) installed on the Application Services Engine could allow an unauthenticated, remote malicious user to bypass authentication on an affected device. The vulnerability is due to improper token validation o...
Cisco Application Policy Infrastructure Controller 3.0\\(3i\\)
Cisco Aci Multi-site Orchestrator
NA
CVE-2023-20230
A vulnerability in the restricted security domain implementation of Cisco Application Policy Infrastructure Controller (APIC) could allow an authenticated, remote malicious user to read, modify, or delete non-tenant policies (for example, access policies) created by users associa...
Cisco Application Policy Infrastructure Controller
7.2
CVSSv2
CVE-2019-1803
A vulnerability in the filesystem management for the Cisco Nexus 9000 Series Application Centric Infrastructure (ACI) Mode Switch Software could allow an authenticated, local attacker with administrator rights to gain elevated privileges as the root user on an affected device. Th...
Cisco Nexus 9000 Series Application Centric Infrastructure -
7.2
CVSSv2
CVE-2019-1591
A vulnerability in a specific CLI command implementation of Cisco Nexus 9000 Series ACI Mode Switch Software could allow an authenticated, local malicious user to escape a restricted shell on an affected device. The vulnerability is due to insufficient sanitization of user-suppli...
Cisco Nx-os
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
CVE-2024-20360
CVE-2021-47559
XXE
CVE-2024-5229
CVE-2021-47543
CVE-2021-47571
SSTI
CVE-2024-4978
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »