CVE-2025-20118
- EPSS 0.02%
- Published 26.02.2025 17:15:22
- Last modified 31.07.2025 17:38:18
A vulnerability in the implementation of the internal system processes of Cisco APIC could allow an authenticated, local attacker to access sensitive information on an affected device. To exploit this vulnerability, the attacker must have valid admin...
CVE-2025-20117
- EPSS 0.01%
- Published 26.02.2025 17:15:22
- Last modified 31.07.2025 17:37:13
A vulnerability in the CLI of Cisco APIC could allow an authenticated, local attacker to execute arbitrary commands as root on the underlying operating system of an affected device. To exploit this vulnerability, the attacker must have valid adm...
CVE-2025-20116
- EPSS 0.04%
- Published 26.02.2025 17:15:22
- Last modified 31.07.2025 17:34:17
A vulnerability in the web UI of Cisco APIC could allow an authenticated, remote attacker to perform a stored XSS attack on an affected system. To exploit this vulnerability, the attacker must have valid administrative credentials. This vulnerabil...
CVE-2024-20279
- EPSS 0.27%
- Published 28.08.2024 17:15:06
- Last modified 01.08.2025 15:26:46
A vulnerability in the restricted security domain implementation of Cisco Application Policy Infrastructure Controller (APIC) could allow an authenticated, remote attacker to modify the behavior of default system policies, such as quality of service ...
CVE-2023-20230
- EPSS 0.19%
- Published 23.08.2023 19:15:08
- Last modified 21.11.2024 07:40:56
A vulnerability in the restricted security domain implementation of Cisco Application Policy Infrastructure Controller (APIC) could allow an authenticated, remote attacker to read, modify, or delete non-tenant policies (for example, access policies) ...
CVE-2023-20011
- EPSS 0.47%
- Published 23.02.2023 20:15:13
- Last modified 21.11.2024 07:40:20
A vulnerability in the web-based management interface of Cisco Application Policy Infrastructure Controller (APIC) and Cisco Cloud Network Controller, formerly Cisco Cloud APIC, could allow an unauthenticated, remote attacker to conduct a cross-site ...
CVE-2021-1582
- EPSS 0.17%
- Published 25.08.2021 20:15:10
- Last modified 21.11.2024 05:44:40
A vulnerability in the web UI of Cisco Application Policy Infrastructure Controller (APIC) or Cisco Cloud APIC could allow an authenticated, remote attacker to perform a stored cross-site scripting attack on an affected system. This vulnerability is ...
CVE-2021-1581
- EPSS 3%
- Published 25.08.2021 20:15:10
- Last modified 21.11.2024 05:44:40
Multiple vulnerabilities in the web UI and API endpoints of Cisco Application Policy Infrastructure Controller (APIC) or Cisco Cloud APIC could allow a remote attacker to perform a command injection or file upload attack on an affected system. For mo...
- EPSS 1.86%
- Published 25.08.2021 20:15:10
- Last modified 21.11.2024 05:44:40
Multiple vulnerabilities in the web UI and API endpoints of Cisco Application Policy Infrastructure Controller (APIC) or Cisco Cloud APIC could allow a remote attacker to perform a command injection or file upload attack on an affected system. For mo...
- EPSS 0.86%
- Published 25.08.2021 20:15:10
- Last modified 21.11.2024 05:44:39
A vulnerability in an API endpoint of Cisco Application Policy Infrastructure Controller (APIC) and Cisco Cloud Application Policy Infrastructure Controller (Cloud APIC) could allow an authenticated, remote attacker with Administrator read-only crede...