A vulnerability in the boot process of the Cisco Application Policy Infrastructure Controller (APIC) could allow an authenticated, local malicious user to access the APIC as the root user. The vulnerability is due to improper implementation of access controls in the APIC system. An attacker could exploit this vulnerability by accessing the boot manager of the APIC. An exploit could allow the malicious user to access the APIC as the root user and perform root-level commands in single-user mode. Cisco has released software updates that address this vulnerability. Workarounds that mitigate this vulnerability are not available. This advisory is available at the following link: tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151216-apic
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
cisco application policy infrastructure controller 1.1\\(0.920a\\) |
Vulmon