Lucene search
K
CiscoCloud Application Policy Infrastructure Controller

6 matches found

CVE
CVE
added 2021/08/25 7:10 p.m.105 views

CVE-2021-1577

CVE-2021-1577 affects Cisco Application Policy Infrastructure Controller (APIC) and Cloud APIC. The issue is an improper access control in an API endpoint that could let an unauthenticated, remote attacker upload a file to the device, enabling reading or writing of arbitrary files. Severity is re...

9.1CVSS9.3AI score0.01303EPSS
CVE
CVE
added 2021/08/25 7:10 p.m.85 views

CVE-2021-1580

Cisco APIC/Cisco Cloud APIC expose CVE-2021-1580 as a remote command-injection and file-upload vulnerability in the web UI and API endpoints. The issue stems from insufficient input validation, enabling a remote attacker to execute commands or upload files on the affected system. Exploitation det...

9CVSS7.4AI score0.01779EPSS
CVE
CVE
added 2021/08/25 7:10 p.m.63 views

CVE-2021-1581

Cisco APIC/Cisco Cloud APIC are affected by CVE-2021-1581, a file-upload vulnerability in the web UI and API endpoints that can enable an unauthenticated remote attacker to upload arbitrary files on the vulnerable system (remote access.Vector: NETWORK; impact: high for integrity/availability per ...

9.1CVSS8.4AI score0.01139EPSS
CVE
CVE
added 2021/08/25 7:10 p.m.63 views

CVE-2021-1582

CVE-2021-1582 affects Cisco Application Policy Infrastructure Controller (APIC) and Cisco Cloud APIC web UI. The root cause is improper input validation in the web UI, allowing an authenticated, remote attacker to supply malicious input that is stored and subsequently executed as script code in t...

5.4CVSS5.4AI score0.00599EPSS
CVE
CVE
added 2021/08/25 7:10 p.m.60 views

CVE-2021-1579

CVE-2021-1579 affects Cisco Application Policy Infrastructure Controller (APIC) and Cloud APIC. A vulnerability in the API endpoint enables privilege escalation due to insufficient RBAC: an attacker with Administrator read-only credentials can issue a crafted API request (using an app with admin ...

9CVSS8.3AI score0.02125EPSS
CVE
CVE
added 2021/08/25 7:10 p.m.56 views

CVE-2021-1578

CVE-2021-1578 affects Cisco APIC and Cloud APIC via an API endpoint where improper policy defaults allow an authenticated, remote attacker with unprivileged MSO credentials to send a specific API request and obtain Administrator credentials on the affected device. Connected sources confirm the ro...

9CVSS8.6AI score0.01971EPSS