Lucene search
K
CiscoApplication Policy Infrastructure Controller*

9 matches found

CVE
CVE
added 2020/01/26 4:30 a.m.131 views

CVE-2020-3139

Cisco APIC exposes a vulnerability in the OOB management IP tables where a programming logic error in specific IP-table entries causes certain IP ports to be permitted when they should be dropped. An unauthenticated, remote attacker can send traffic to the OOB interface to bypass configured deny ...

5.3CVSS5.3AI score0.01042EPSS
CVE
CVE
added 2021/08/25 7:10 p.m.108 views

CVE-2021-1577

CVE-2021-1577 affects Cisco Application Policy Infrastructure Controller (APIC) and Cloud APIC. The issue is an improper access control in an API endpoint that could let an unauthenticated, remote attacker upload a file to the device, enabling reading or writing of arbitrary files. Severity is re...

9.1CVSS9.3AI score0.01303EPSS
CVE
CVE
added 2021/08/25 7:10 p.m.87 views

CVE-2021-1580

Cisco APIC/Cisco Cloud APIC expose CVE-2021-1580 as a remote command-injection and file-upload vulnerability in the web UI and API endpoints. The issue stems from insufficient input validation, enabling a remote attacker to execute commands or upload files on the affected system. Exploitation det...

9CVSS7.4AI score0.01779EPSS
CVE
CVE
added 2019/05/03 3:0 p.m.65 views

CVE-2019-1692

CVE-2019-1692 affects Cisco APIC web-based management interfaces. The issue arises from insufficient data protection for components in the ACI, allowing an unauthenticated, remote attacker to observe network traffic and access tracking data/usage statistics. Impact is information disclosure of us...

5.3CVSS5.2AI score0.01197EPSS
CVE
CVE
added 2021/08/25 7:10 p.m.65 views

CVE-2021-1581

Cisco APIC/Cisco Cloud APIC are affected by CVE-2021-1581, a file-upload vulnerability in the web UI and API endpoints that can enable an unauthenticated remote attacker to upload arbitrary files on the vulnerable system (remote access.Vector: NETWORK; impact: high for integrity/availability per ...

9.1CVSS8.4AI score0.01139EPSS
CVE
CVE
added 2021/08/25 7:10 p.m.64 views

CVE-2021-1582

CVE-2021-1582 affects Cisco Application Policy Infrastructure Controller (APIC) and Cisco Cloud APIC web UI. The root cause is improper input validation in the web UI, allowing an authenticated, remote attacker to supply malicious input that is stored and subsequently executed as script code in t...

5.4CVSS5.4AI score0.00599EPSS
CVE
CVE
added 2021/08/25 7:10 p.m.62 views

CVE-2021-1579

CVE-2021-1579 affects Cisco Application Policy Infrastructure Controller (APIC) and Cloud APIC. A vulnerability in the API endpoint enables privilege escalation due to insufficient RBAC: an attacker with Administrator read-only credentials can issue a crafted API request (using an app with admin ...

9CVSS8.3AI score0.02125EPSS
CVE
CVE
added 2019/05/03 2:55 p.m.58 views

CVE-2019-1682

CVE-2019-1682 affects Cisco Application Policy Infrastructure Controller (APIC). The issue is in the FUSE filesystem functionality where insufficient input validation of CLI commands can allow an authenticated, local attacker with write access to a readable folder to alter definitions in an affec...

7.8CVSS7.8AI score0.00352EPSS
CVE
CVE
added 2019/03/11 10:0 p.m.58 views

CVE-2019-1690

CVE-2019-1690 affects Cisco Application Policy Infrastructure Controller (APIC) devices running versions prior to 4.2(0.21c). The issue is due to insufficient access control for IPv6 link-local connectivity on the management interface, enabling an unauthenticated, adjacent attacker on the same ph...

6.5CVSS5.2AI score0.00615EPSS