Vulmon Recent Vulnerabilities Product List Research Posts Trends Blog About Contact

cisco application policy infrastructure controller software vulnerabilities and exploits

(subscribe to this query)
7.2
CVSSv2

CVE-2016-1420

The installation component on Cisco Application Policy Infrastructure Controller (APIC) devices with software prior to 1.3(2f) mishandles binary files, which allows local users to obtain root access via unspecified vectors, aka Bug ID CSCuz72347.
Cisco Application Infrastructure Controller -Cisco Application Policy Infrastructure Controller Firmware 1.0(1e)Cisco Application Policy Infrastructure Controller Firmware 1.0(1h)Cisco Application Policy Infrastructure Controller Firmware 1.0(1k)Cisco Application Policy Infrastructure Controller Firmware 1.0(1n)Cisco Application Policy Infrastructure Controller Firmware 1.0(2j)Cisco Application Policy Infrastructure Controller Firmware 1.0(2m)Cisco Application Policy Infrastructure Controller Firmware 1.0(3f)Cisco Application Policy Infrastructure Controller Firmware 1.0(3i)Cisco Application Policy Infrastructure Controller Firmware 1.0(3k)Cisco Application Policy Infrastructure Controller Firmware 1.0(3n)Cisco Application Policy Infrastructure Controller Firmware 1.0(4h)Cisco Application Policy Infrastructure Controller Firmware 1.0(4o)Cisco Application Policy Infrastructure Controller Firmware 1.1(0.920a)Cisco Application Policy Infrastructure Controller Firmware 1.1(1j)Cisco Application Policy Infrastructure Controller Firmware 1.1(3f)
7.2
CVSSv2

CVE-2017-6768

A vulnerability in the build procedure for certain executable system files installed at boot time on Cisco Application Policy Infrastructure Controller (APIC) devices could allow an authenticated, local malicious user to gain root-level privileges. The vulnerability is due to a c...
Cisco Application Policy Infrastructure Controller 1.2(3)Cisco Application Policy Infrastructure Controller 2.0 BaseCisco Application Policy Infrastructure Controller 1.2.2Cisco Application Policy Infrastructure Controller 1.1(3f)Cisco Application Policy Infrastructure Controller 1.2(2)Cisco Application Policy Infrastructure Controller 1.3(2)Cisco Application Policy Infrastructure Controller 1.2 BaseCisco Application Policy Infrastructure Controller 2.0(1)Cisco Application Policy Infrastructure Controller 1.3(1)Cisco Application Policy Infrastructure Controller 1.1(0.920a)Cisco Application Policy Infrastructure Controller 1.3(2f)Cisco Application Policy Infrastructure Controller 1.1(1j)
4.6
CVSSv2

CVE-2017-6767

A vulnerability in Cisco Application Policy Infrastructure Controller (APIC) could allow an authenticated, remote malicious user to gain higher privileges than the account is assigned. The attacker will be granted the privileges of the last user to log in, regardless of whether t...
Cisco Application Policy Infrastructure Controller 1.2(3)Cisco Application Policy Infrastructure Controller 1.0(4o)Cisco Application Policy Infrastructure Controller 1.0(4h)Cisco Application Policy Infrastructure Controller 1.0(3i)Cisco Application Policy Infrastructure Controller 2.0 BaseCisco Application Policy Infrastructure Controller 1.0(2j)Cisco Application Policy Infrastructure Controller 1.0(1n)Cisco Application Policy Infrastructure Controller 1.0(2m)Cisco Application Policy Infrastructure Controller 1.2.2Cisco Application Policy Infrastructure Controller 1.1(3f)Cisco Application Policy Infrastructure Controller 1.2(2)Cisco Application Policy Infrastructure Controller 1.0(1h)Cisco Application Policy Infrastructure Controller 1.0(3k)Cisco Application Policy Infrastructure Controller 1.0(3n)Cisco Application Policy Infrastructure Controller 1.3(2)Cisco Application Policy Infrastructure Controller 1.0(3f)Cisco Application Policy Infrastructure Controller 1.2 BaseCisco Application Policy Infrastructure Controller 1.0(1e)Cisco Application Policy Infrastructure Controller 2.0(1)Cisco Application Policy Infrastructure Controller 1.0(1k)Cisco Application Policy Infrastructure Controller 1.3(1)Cisco Application Policy Infrastructure Controller 1.1(0.920a)
6.8
CVSSv2

CVE-2016-6413

The installation procedure on Cisco Application Policy Infrastructure Controller (APIC) devices 1.3(2f) mishandles binary files, which allows local users to obtain root access via unspecified vectors, aka Bug ID CSCva50496.
Cisco Application Policy Infrastructure Controller 1.3(2f)
6.4
CVSSv2

CVE-2021-1577

A vulnerability in an API endpoint of Cisco Application Policy Infrastructure Controller (APIC) and Cisco Cloud Application Policy Infrastructure Controller (Cloud APIC) could allow an unauthenticated, remote malicious user to read or write arbitrary files on an affected system. ...
Cisco Application Policy Infrastructure ControllerCisco Cloud Application Policy Infrastructure Controller
3.3
CVSSv2

CVE-2019-1690

A vulnerability in the management interface of Cisco Application Policy Infrastructure Controller (APIC) software could allow an unauthenticated, adjacent malicious user to gain unauthorized access on an affected device. The vulnerability is due to a lack of proper access control...
Cisco Application Policy Infrastructure Controller
5
CVSSv2

CVE-2019-1692

A vulnerability in the web-based management interface of Cisco Application Policy Infrastructure Controller (APIC) Software could allow an unauthenticated, remote malicious user to access sensitive system usage information. The vulnerability is due to a lack of proper data protec...
Cisco Application Policy Infrastructure Controller 8.3(1)s6Cisco Application Policy Infrastructure Controller
4.3
CVSSv2

CVE-2015-6337

Cross-site scripting (XSS) vulnerability in Cisco Application Policy Infrastructure Controller Enterprise Module (APIC-EM) 1.0.10 allows remote malicious users to inject arbitrary web script or HTML via a crafted hostname in an SNMP response, aka Bug ID CSCuw47238.
Cisco Application Policy Infrastructure Controller Enterprise Module 1.0 GaCisco Application Policy Infrastructure Controller Enterprise Module 1.0.10
9
CVSSv2

CVE-2021-1578

A vulnerability in an API endpoint of Cisco Application Policy Infrastructure Controller (APIC) and Cisco Cloud Application Policy Infrastructure Controller (Cloud APIC) could allow an authenticated, remote malicious user to elevate privileges to Administrator on an affected devi...
Cisco Cloud Application Policy Infrastructure Controller 5.0(2h)Cisco Application Policy Infrastructure Controller 5.0(2h)Cisco Cloud Application Policy Infrastructure ControllerCisco Application Policy Infrastructure Controller
4.3
CVSSv2

CVE-2016-1305

Cross-site scripting (XSS) vulnerability in Cisco Application Policy Infrastructure Controller Enterprise Module (APIC-EM) 1.1 allows remote malicious users to inject arbitrary web script or HTML via vectors involving HTML entities, aka Bug ID CSCux15511.
Cisco Application Policy Infrastructure Controller Enterprise Module 1.1 Base
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-6267XML injectionCVE-2024-37673CVE-2024-6266CVE-2024-30078arbitrary CVE-2024-36886CVE-2024-5346template injection
Vulmon Logo Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook