Cisco Application Policy Infrastructure Controller XSRF (cisco-sa-capic-csrfv-DMx6KSwV)

According to its self-reported version, Cisco Application Policy Infrastructure Controller is affected by a cross-site request forgery XSRF vulnerability. An unauthenticated, remote attacker could exploit this vulnerability by persuading a user of the interface to click a malicious link resulting...

CVE-2023-20011 Cisco Application Policy Infrastructure Controller and Cisco Cloud Network Controller Cross-Site Request Forgery Vulnerability

A vulnerability in the web-based management interface of Cisco Application Policy Infrastructure Controller APIC and Cisco Cloud Network Controller, formerly Cisco Cloud APIC, could allow an unauthenticated, remote attacker to conduct a cross-site request forgery CSRF attack on an affected system...

PT-2023-1451 · Cisco · Cisco Application Policy Infrastructure Controller +1

Name of the Vulnerable Software and Affected Versions: Cisco Application Policy Infrastructure Controller APIC versions not specified Cisco Cloud Network Controller versions not specified Description: A vulnerability in the web-based management interface of Cisco Application Policy Infrastructure...

CVE-2022-20860

A vulnerability in the SSL/TLS implementation of Cisco Nexus Dashboard could allow an unauthenticated, remote attacker to alter communications with associated controllers or view sensitive information. This vulnerability exists because SSL server certificates are not validated when Cisco Nexus...

CVE-2022-20860 Cisco Nexus Dashboard SSL Certificate Validation Vulnerability

A vulnerability in the SSL/TLS implementation of Cisco Nexus Dashboard could allow an unauthenticated, remote attacker to alter communications with associated controllers or view sensitive information. This vulnerability exists because SSL server certificates are not validated when Cisco Nexus...

The vulnerability of the Web interface and API of the Cisco Application Policy Infrastructure Controller allows attackers to execute cross-site scripting attacks.

The vulnerability of the Cisco Application Policy Infrastructure Controller’s web interface and API exists due to the lack of measures taken to protect the structure of the web page. Exploiting this vulnerability could allow a malicious actor to perform cross-site scripting attacks remotely...

Cisco Application Policy Infrastructure Controller App Privilege Escalation (cisco-sa-capic-chvul-CKfGYBh8)

According to its self-reported version, Cisco Application Policy Infrastructure Controller is affected by a privilege escalation vulnerability due to an insufficient role-based access control. An authenticated, remote attacker can exploit this, by sending a specially crafted request, to gain...

Cisco Application Policy Infrastructure Controller Stored XSS (cisco-sa-capic-scss-bFT75YrM)

According to its self-reported version, Cisco Application Policy Infrastructure Controller is affected by a stored cross-site scripting XSS vulnerability in its Web UI component due to improper validation of user-supplied input before returning it to users. An authenticated, remote attacker can...

Cisco Application Policy Infrastructure Controller Multiple Vulnerabilities (cisco-sa-capic-mdvul-HBsJBuvW)

According to its self-reported version, Cisco Application Policy Infrastructure Controller APIC is affected by multiple vulnerabilities, including the following: - A command injection vulnerability exists in Cisco APIC due to invalid input validation. An authenticated, remote attacker can exploit...

Cisco Application Policy Infrastructure Controller Cross-Site Scripting Vulnerability (CNVD-2021-68730)

Cisco Application Policy Infrastructure Controller APIC is an automated infrastructure deployment and governance solution from Cisco USA. Controller's web UI contains a stored cross-site scripting vulnerability, which can be exploited by an attacker to execute arbitrary script code or access...

Cisco Application Policy Infrastructure Controller Elevation of Privilege Vulnerability (CNVD-2021-68724)

Cisco Application Policy Infrastructure Controller APIC is an automated infrastructure deployment and governance solution from Cisco USA.Cisco Application Policy Infrastructure An elevation of privilege vulnerability exists in the API endpoint of the Controller, which can be exploited by an...

CVE-2021-1582

A vulnerability in the web UI of Cisco Application Policy Infrastructure Controller APIC or Cisco Cloud APIC could allow an authenticated, remote attacker to perform a stored cross-site scripting attack on an affected system. This vulnerability is due to improper input validation in the web UI. A...

CVE-2021-1581

Multiple vulnerabilities in the web UI and API endpoints of Cisco Application Policy Infrastructure Controller APIC or Cisco Cloud APIC could allow a remote attacker to perform a command injection or file upload attack on an affected system. For more information about these vulnerabilities, see t...

CVE-2021-1580

Multiple vulnerabilities in the web UI and API endpoints of Cisco Application Policy Infrastructure Controller APIC or Cisco Cloud APIC could allow a remote attacker to perform a command injection or file upload attack on an affected system. For more information about these vulnerabilities, see t...

CVE-2021-1582 Cisco Application Policy Infrastructure Controller Stored Cross-Site Scripting Vulnerability

A vulnerability in the web UI of Cisco Application Policy Infrastructure Controller APIC or Cisco Cloud APIC could allow an authenticated, remote attacker to perform a stored cross-site scripting attack on an affected system. This vulnerability is due to improper input validation in the web UI. A...

Cisco Application Policy Infrastructure Controller 安全漏洞

Cisco Application Policy Infrastructure Controller APIC is an automated infrastructure deployment and governance solution from Cisco.Cisco Application Policy Infrastructure Controller's API endpoint contains an arbitrary file read/write vulnerability, which can be exploited by an attacker to read...

Cisco Application Policy Infrastructure Controller 授权问题漏洞

Cisco Application Policy Infrastructure Controller APIC is an automated infrastructure deployment and governance solution from Cisco. The API endpoint of the Controller contains an elevation of privilege vulnerability that can be exploited by an attacker with administrator read-only credentials t...

Cisco Application Policy Infrastructure Controller 命令注入漏洞

Cisco Application Policy Infrastructure Controller APIC is an automated infrastructure deployment and governance solution from Cisco. A command injection vulnerability exists in Cisco Application Policy Infrastructure Controller, which stems from the product's web UI and API endpoint not validati...

Cisco ACI Multi-Site Orchestrator 安全漏洞

Cisco Application Policy Infrastructure Controller APIC is an automated infrastructure deployment and governance solution from Cisco. A security vulnerability exists in Cisco ACI Multi-Site Orchestrator that allows an unauthenticated, remote attacker to bypass authentication on an affected device...

Cisco Application Policy Infrastructure Controller Web-Based Management Interface Cross-Site Scripting Vulnerability (cisco-sa-20190501-apic-xss)

According to its self-reported version, Cisco Application Policy Infrastructure Controller APIC is affected by following vulnerability - A vulnerability in the web-based management interface of Cisco Application Policy Infrastructure Controller APIC could allow an authenticated, remote attacker t...