CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

A vulnerability within the firewall configuration of the Cisco Application Policy Infrastructure Controller Enterprise Module APIC-EM could allow an unauthenticated, adjacent attacker to gain privileged access to services only available on the internal network of the device. The vulnerability is...

5.8CVSS8.7AI score0.00602EPSS

Exploits0References3Affected Software1

NVD•added 2017/11/02 4:29 p.m.•10 views

CVE-2017-12262

8.8CVSS8.8AI score0.00602EPSS

Exploits0References3

OSV•added 2017/11/02 4:29 p.m.•2 views

CVE-2017-12262

8.8CVSS5.7AI score

Exploits0References3

Cvelist•added 2017/11/02 4:0 p.m.•11 views

CVE-2017-12262

8.8AI score0.00602EPSS

Exploits0References3

CVE•added 2017/11/02 4:0 p.m.•42 views

CVE-2017-12262

Cisco APIC-EM (Application Policy Infrastructure Controller Enterprise Module) 1.x before 1.5 is affected by a firewall configuration flaw. The misconfigured firewall rule allows traffic arriving at the device’s public interface to be forwarded to the internal virtual network, enabling an unauthe...

8.8CVSS8.7AI score0.00602EPSS

Exploits0References3Affected Software1

Cisco•added 2017/11/01 4:0 p.m.•44 views

Cisco Application Policy Infrastructure Controller Enterprise Module Unauthorized Access Vulnerability

8.8CVSS8.8AI score0.00602EPSS

Exploits0References1

Cisco•added 2017/05/03 4:0 p.m.•21 views

Cisco Aironet 1800, 2800, and 3800 Series Access Points Plug-and-Play Arbitrary Code Execution Vulnerability

A vulnerability in the Plug-and-Play PnP subsystem of the Cisco Aironet 1800, 2800, and 3800 Series Access Points running a Lightweight Access Point AP or Mobility Express image could allow an unauthenticated, adjacent attacker to execute arbitrary code with root privileges. The vulnerability is...

7.5CVSS7.9AI score0.00254EPSS

Exploits0References1

Prion•added 2016/08/18 7:59 p.m.•12 views

Design/Logic Flaw

The Grapevine update process in Cisco Application Policy Infrastructure Controller Enterprise Module APIC-EM 1.0 allows remote authenticated users to execute arbitrary commands as root via a crafted upgrade parameter, aka Bug ID CSCux15507...

8.5CVSS7.6AI score0.00985EPSS

Exploits0References3Affected Software1

NVD•added 2016/08/18 7:59 p.m.•11 views

CVE-2016-1365

8.8CVSS8.6AI score0.00985EPSS

Exploits0References3

OSV•added 2016/08/18 7:59 p.m.•0 views

CVE-2016-1365

8.8CVSS6AI score0.00985EPSS

Exploits0References3

CVE•added 2016/08/18 7:0 p.m.•39 views

CVE-2016-1365

CVE-2016-1365 affects Cisco APIC-EM (Grapevine update process) and allows an authenticated remote attacker to execute arbitrary commands as root via a crafted upgrade parameter. The root cause is insufficient input sanitization during the Grapevine update process. Impact is remote code execution ...

8.8CVSS8.6AI score0.00985EPSS

Exploits0References3Affected Software1

Cvelist•added 2016/08/18 7:0 p.m.•16 views

CVE-2016-1365

8.7AI score0.00985EPSS

Exploits0References3

Cisco•added 2016/08/17 4:0 p.m.•16 views

Cisco Application Policy Infrastructure Controller Enterprise Module Remote Code Execution Vulnerability

A vulnerability in the Grapevine update process of the Cisco Application Policy Infrastructure Controller Enterprise Module APIC-EM could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system with the privileges of the root user. The vulnerabilit...

8.5CVSS9.1AI score0.00985EPSS

Exploits0References1

Prion•added 2016/04/28 10:59 p.m.•11 views

Code injection

The API in Cisco Application Policy Infrastructure Controller Enterprise Module APIC-EM 1.01 allows remote attackers to spoof administrative notifications via crafted attribute-value pairs, aka Bug ID CSCux15521...

5CVSS7.1AI score0.00235EPSS

Exploits0References2Affected Software1

NVD•added 2016/04/28 10:59 p.m.•11 views

CVE-2016-1386

7.5CVSS7.5AI score0.00235EPSS

Exploits0References2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by