Cisco Application Policy Infrastructure Controller Access Control Vulnerability

2015-07-2216:00:00

tools.cisco.com

9 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:C/I:C/A:C

0.002 Low

EPSS

Percentile

52.4%

JSON

A vulnerability in the cluster management configuration of the Cisco Application Policy Infrastructure Controller (APIC) and the Cisco Nexus 9000 Series ACI Mode Switch could allow an authenticated, remote attacker to access the APIC as the root user.

The vulnerability is due to improper implementation of access controls in the APIC filesystem. An attacker could exploit this vulnerability by accessing the cluster management configuration of the APIC. An exploit could allow the attacker to gain access to the APIC as the root user and perform root-level commands.

Cisco has released software updates that address this vulnerability.
This advisory is available at the following link:

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150722-apic[“https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150722-apic”]

Affected configurations

Vulners

Node

cisconx_osMatchany

ciscoapplication_policy_infrastructure_controller_\(apic\)Matchany

cisconx_osMatchany

ciscoapplication_policy_infrastructure_controller_\(apic\)Matchany

CPENameOperatorVersion
cisco nx-os softwareeqany
cisco application policy infrastructure controller (apic)eqany
cisco nx-os softwareeqany
cisco application policy infrastructure controller (apic)eqany

Name	Operator	Version
cisco nx-os software	eq	any
cisco application policy infrastructure controller (apic)	eq	any
cisco nx-os software	eq	any
cisco application policy infrastructure controller (apic)	eq	any