Cisco Application Policy Infrastructure Controller Elevation of Privilege Vulnerability (CNVD-2016-03960)

The Cisco Application Policy Infrastructure Controller provides centralized access to all group structure information, optimizes applications, and supports application configuration. Cisco Application Policy Infrastructure Controller APIC devices prior to software version 1.32f, the installation...

CVE-2016-1420

The installation component on Cisco Application Policy Infrastructure Controller APIC devices with software before 1.32f mishandles binary files, which allows local users to obtain root access via unspecified vectors, aka Bug ID CSCuz72347...

Cisco Application Policy Infrastructure Controller Binary Files Privilege Escalation Vulnerability

A vulnerability in the installation procedure for Cisco Application Policy Infrastructure Controller APIC devices could allow an authenticated, local attacker to gain root-level privileges. The vulnerability is due to the use of incorrect installation and permissions settings for binary files...

The vulnerability of the NX-OS network operating system and the Application Policy Infrastructure Controller software allows a perpetrator to circumvent existing access restrictions based on RBAC.

The vulnerability of the NX-OS network operating system and the Application Policy Infrastructure Controller software is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor, operating remotely, to circumvent existing access restrictions using a...

Cisco Application Policy Infrastructure Controller Enterprise Module Detection (HTTP)

HTTP based detection of Cisco Application Policy Infrastructure Controller Enterprise Module. Note: When HTTP credentials are given, the script is able to extract version and patch information from the application. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpte...

Cisco Application Policy Infrastructure Controller Cross Site Scripting Vulnerability (cisco-sa-20160208-apic)

Cisco Application Policy Infrastructure Controller is prone to a cross-site scripting vulnerability. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...

Cisco Application Policy Infrastructure Controller Detection (HTTP)

HTTP based detection of Cisco Application Policy Infrastructure Controller. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if description...

Cisco Application Policy Infrastructure Controller Cross-Site Scripting Vulnerability

The Cisco Application Policy Infrastructure Controller APIC is the U.S. A controller that automates the management of application-centric infrastructure ACI. A cross-site scripting vulnerability exists in the Cisco Application Policy Infrastructure Controller, which can be exploited by remote...

Cisco Application Policy Infrastructure Controller Access Control Vulnerability

A vulnerability in the role-based access control RBAC of the Cisco Application Policy Infrastructure Controller APIC could allow an authenticated remote user to make configuration changes outside of their configured access privileges. The vulnerability is due to eligibility logic in the RBAC...

Cisco Application Policy Infrastructure Controller Local Privileging Vulnerability

The Cisco Application Policy Infrastructure Controller is a controller that automates the management of application-centric infrastructure ACI. A security vulnerability exists in the Cisco Application Policy Infrastructure Controller that allows a local attacker to gain root privileges...

Cisco Application Policy Infrastructure Controller Elevation of Privilege Vulnerability

Cisco Application Policy Infrastructure Controller devices are an application-centric infrastructure ACI controller product. Cisco Application Policy Infrastructure Controller devices do not properly validate SSH keys added to accounts by local users, allowing a local attacker to exploit the...

CVE-2015-6259

CVE-2015-6259 affects Cisco Integrated Management Controller (IMC) Supervisor prior to 1.0.0.1 and Cisco UCS Director prior to 5.2.0.1. The JSP component enables remote attackers to overwrite arbitrary files via crafted HTTP requests, a vulnerability tracked as CSCus36435/CSCus62625. The issue is...

Cisco Application Policy Infrastructure Controller privilege escalation

It's possible to obtain root access...

Cisco Nexus 9000 Application Policy Infrastructure Controller Unauthorized Access Vulnerability

The Cisco Application Policy Infrastructure Controller APIC on Nexus 9000 devices is a Cisco controller that runs on 9000 series switch devices to automate the management of application-centric infrastructure ACI. It supports access to all ACI information, optimizing the application lifecycle,...

Cisco Application Policy Infrastructure Controller Unauthorized Access Vulnerability

A vulnerability in the role-based access control RBAC of the Cisco Application Policy Infrastructure Controller Cisco APIC could allow an authenticated, remote attacker to have read access to certain information stored in the affected system. The vulnerability is due to improper handling of RBAC...