2 matches found
CVE-2020-3333
CVE-2020-3333 affects Cisco Application Services Engine (APIC) Software API responsible for event policies. The root cause is insufficient authentication of users who modify policies, enabling an unauthenticated, remote attacker to craft HTTP requests to contact an affected device and update even...
CVE-2020-3335
CVE-2020-3335 affects Cisco Application Services Engine Software. The issue is in the keystore and stems from insufficient authorization restrictions, allowing an authenticated, local attacker to read other users’ sensitive information on an affected device. Impact is read access to user data wit...