Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cisco application infrastructure controller - vulnerabilities and exploits
(subscribe to this query)
5.5
CVSSv3
CVE-2020-3335
A vulnerability in the key store of Cisco Application Services Engine Software could allow an authenticated, local malicious user to read sensitive information of other users on an affected device. The vulnerability is due to insufficient authorization limitations. An attacker co...
Cisco Application Policy Infrastructure Controller 1.1\\(0c\\)
Cisco Application Services Engine
7.8
CVSSv3
CVE-2019-1682
A vulnerability in the FUSE filesystem functionality for Cisco Application Policy Infrastructure Controller (APIC) software could allow an authenticated, local malicious user to escalate privileges to root on an affected device. The vulnerability is due to insufficient input vali...
Cisco Application Policy Infrastructure Controller
NA
CVE-2015-4235
Cisco Application Policy Infrastructure Controller (APIC) devices with software prior to 1.0(3o) and 1.1 prior to 1.1(1j) and Nexus 9000 ACI devices with software prior to 11.0(4o) and 11.1 prior to 11.1(1j) do not properly restrict access to the APIC filesystem, which allows rem...
Cisco Nx-os 11.0\\(2j\\)
Cisco Nx-os 11.0\\(2m\\)
Cisco Nx-os 11.0\\(1b\\)
Cisco Nx-os 11.0\\(1c\\)
Cisco Nx-os 11.0\\(3k\\)
Cisco Nx-os 11.0\\(3n\\)
Cisco Nx-os 11.0\\(1d\\)
Cisco Nx-os 11.0\\(1e\\)
Cisco Nx-os 11.0\\(4h\\)
Cisco Application Policy Infrastructure Controller \\(apic\\) 1.0\\(1e\\)
Cisco Nx-os 11.0\\(3f\\)
Cisco Nx-os 11.0\\(3i\\)
5.3
CVSSv3
CVE-2020-3139
A vulnerability in the out of band (OOB) management interface IP table rule programming for Cisco Application Policy Infrastructure Controller (APIC) could allow an unauthenticated, remote malicious user to bypass configured deny entries for specific IP ports. These IP ports woul...
Cisco Application Policy Infrastructure Controller
NA
CVE-2015-4225
Cisco Application Policy Infrastructure Controller (APIC) 1.0(1.110a) and 1.0(1e) on Nexus 9000 devices does not properly implement RBAC health scoring, which allows remote authenticated users to obtain sensitive information via unspecified vectors, aka Bug ID CSCuq77485.
Cisco Nx-os 1.0\\(1.110a\\)
Cisco Nx-os 1.0\\(1e\\)
8.8
CVSSv3
CVE-2021-1579
A vulnerability in an API endpoint of Cisco Application Policy Infrastructure Controller (APIC) and Cisco Cloud Application Policy Infrastructure Controller (Cloud APIC) could allow an authenticated, remote attacker with Administrator read-only credentials to elevate privileges o...
Cisco Application Policy Infrastructure Controller
Cisco Cloud Application Policy Infrastructure Controller
1 Article
10
CVSSv3
CVE-2021-1388
A vulnerability in an API endpoint of Cisco ACI Multi-Site Orchestrator (MSO) installed on the Application Services Engine could allow an unauthenticated, remote malicious user to bypass authentication on an affected device. The vulnerability is due to improper token validation o...
Cisco Application Policy Infrastructure Controller 3.0\\(3i\\)
Cisco Aci Multi-site Orchestrator
6.7
CVSSv3
CVE-2019-1803
A vulnerability in the filesystem management for the Cisco Nexus 9000 Series Application Centric Infrastructure (ACI) Mode Switch Software could allow an authenticated, local attacker with administrator rights to gain elevated privileges as the root user on an affected device. Th...
Cisco Nexus 9000 Series Application Centric Infrastructure -
7.8
CVSSv3
CVE-2019-1591
A vulnerability in a specific CLI command implementation of Cisco Nexus 9000 Series ACI Mode Switch Software could allow an authenticated, local malicious user to escape a restricted shell on an affected device. The vulnerability is due to insufficient sanitization of user-suppli...
Cisco Nx-os
9.8
CVSSv3
CVE-2019-1804
A vulnerability in the SSH key management for the Cisco Nexus 9000 Series Application Centric Infrastructure (ACI) Mode Switch Software could allow an unauthenticated, remote malicious user to connect to the affected system with the privileges of the root user. The vulnerability ...
Cisco Nexus 9332pq Firmware 14.0\\(3d\\)
Cisco Nexus 93180yc-ex Firmware 14.0\\(3d\\)
Cisco Nexus 93128tx Firmware 14.0\\(3d\\)
Cisco Nexus 93120tx Firmware 14.0\\(3d\\)
Cisco Nexus 93108tc-ex Firmware 14.0\\(3d\\)
Cisco Nexus 9516 Firmware 14.0\\(3d\\)
Cisco Nexus 9508 Firmware 14.0\\(3d\\)
Cisco Nexus 9504 Firmware 14.0\\(3d\\)
Cisco Nexus 9500 Firmware 14.0\\(3d\\)
Cisco Nexus 9396tx Firmware 14.0\\(3d\\)
Cisco Nexus 9396px Firmware 14.0\\(3d\\)
Cisco Nexus 9372tx Firmware 14.0\\(3d\\)
Cisco Nexus 9372px Firmware 14.0\\(3d\\)
1 Article
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »