Cisco

Application Policy Infrastructure Controller

27 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9

CVE-2021-1578

  • EPSS 0.67%
  • Published 25.08.2021 20:15:10
  • Last modified 21.11.2024 05:44:39

A vulnerability in an API endpoint of Cisco Application Policy Infrastructure Controller (APIC) and Cisco Cloud Application Policy Infrastructure Controller (Cloud APIC) could allow an authenticated, remote attacker to elevate privileges to Administr...

9.1

CVE-2021-1577

  • EPSS 0.73%
  • Published 25.08.2021 20:15:09
  • Last modified 21.11.2024 05:44:39

A vulnerability in an API endpoint of Cisco Application Policy Infrastructure Controller (APIC) and Cisco Cloud Application Policy Infrastructure Controller (Cloud APIC) could allow an unauthenticated, remote attacker to read or write arbitrary files...

10

CVE-2021-1393

  • EPSS 1.06%
  • Published 24.02.2021 20:15:13
  • Last modified 21.11.2024 05:44:15

Multiple vulnerabilities in Cisco Application Services Engine could allow an unauthenticated, remote attacker to gain privileged access to host-level operations or to learn device-specific information, create diagnostic files, and make limited config...

6.5

CVE-2021-1396

  • EPSS 0.56%
  • Published 24.02.2021 20:15:13
  • Last modified 21.11.2024 05:44:15

Multiple vulnerabilities in Cisco Application Services Engine could allow an unauthenticated, remote attacker to gain privileged access to host-level operations or to learn device-specific information, create diagnostic files, and make limited config...

10

CVE-2021-1388

  • EPSS 1.96%
  • Published 24.02.2021 20:15:13
  • Last modified 21.11.2024 05:44:14

A vulnerability in an API endpoint of Cisco ACI Multi-Site Orchestrator (MSO) installed on the Application Services Engine could allow an unauthenticated, remote attacker to bypass authentication on an affected device. The vulnerability is due to imp...

5.5

CVE-2020-3335

  • EPSS 0.04%
  • Published 03.06.2020 18:15:22
  • Last modified 21.11.2024 05:30:49

A vulnerability in the key store of Cisco Application Services Engine Software could allow an authenticated, local attacker to read sensitive information of other users on an affected device. The vulnerability is due to insufficient authorization lim...

5.3

CVE-2020-3333

  • EPSS 0.55%
  • Published 03.06.2020 18:15:22
  • Last modified 21.11.2024 05:30:49

A vulnerability in the API of Cisco Application Services Engine Software could allow an unauthenticated, remote attacker to update event policies on an affected device. The vulnerability is due to insufficient authentication of users who modify polic...

5.3

CVE-2020-3139

  • EPSS 0.22%
  • Published 26.01.2020 05:15:17
  • Last modified 21.11.2024 05:30:24

A vulnerability in the out of band (OOB) management interface IP table rule programming for Cisco Application Policy Infrastructure Controller (APIC) could allow an unauthenticated, remote attacker to bypass configured deny entries for specific IP po...

6.5

CVE-2019-1890

  • EPSS 0.1%
  • Published 04.07.2019 20:15:11
  • Last modified 21.11.2024 04:37:37

A vulnerability in the fabric infrastructure VLAN connection establishment of the Cisco Nexus 9000 Series Application Centric Infrastructure (ACI) Mode Switch Software could allow an unauthenticated, adjacent attacker to bypass security validations a...

9

CVE-2019-1889

  • EPSS 1.23%
  • Published 04.07.2019 20:15:11
  • Last modified 21.11.2024 04:37:37

A vulnerability in the REST API for software device management in Cisco Application Policy Infrastructure Controller (APIC) Software could allow an authenticated, remote attacker to escalate privileges to root on an affected device. The vulnerability...