Cisco

Application Policy Infrastructure Controller

27 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9

CVE-2021-1578

  • EPSS 0.67%
  • Veröffentlicht 25.08.2021 20:15:10
  • Zuletzt bearbeitet 21.11.2024 05:44:39

A vulnerability in an API endpoint of Cisco Application Policy Infrastructure Controller (APIC) and Cisco Cloud Application Policy Infrastructure Controller (Cloud APIC) could allow an authenticated, remote attacker to elevate privileges to Administr...

9.1

CVE-2021-1577

  • EPSS 0.73%
  • Veröffentlicht 25.08.2021 20:15:09
  • Zuletzt bearbeitet 21.11.2024 05:44:39

A vulnerability in an API endpoint of Cisco Application Policy Infrastructure Controller (APIC) and Cisco Cloud Application Policy Infrastructure Controller (Cloud APIC) could allow an unauthenticated, remote attacker to read or write arbitrary files...

10

CVE-2021-1393

  • EPSS 1.06%
  • Veröffentlicht 24.02.2021 20:15:13
  • Zuletzt bearbeitet 21.11.2024 05:44:15

Multiple vulnerabilities in Cisco Application Services Engine could allow an unauthenticated, remote attacker to gain privileged access to host-level operations or to learn device-specific information, create diagnostic files, and make limited config...

6.5

CVE-2021-1396

  • EPSS 0.56%
  • Veröffentlicht 24.02.2021 20:15:13
  • Zuletzt bearbeitet 21.11.2024 05:44:15

Multiple vulnerabilities in Cisco Application Services Engine could allow an unauthenticated, remote attacker to gain privileged access to host-level operations or to learn device-specific information, create diagnostic files, and make limited config...

10

CVE-2021-1388

  • EPSS 1.96%
  • Veröffentlicht 24.02.2021 20:15:13
  • Zuletzt bearbeitet 21.11.2024 05:44:14

A vulnerability in an API endpoint of Cisco ACI Multi-Site Orchestrator (MSO) installed on the Application Services Engine could allow an unauthenticated, remote attacker to bypass authentication on an affected device. The vulnerability is due to imp...

5.5

CVE-2020-3335

  • EPSS 0.04%
  • Veröffentlicht 03.06.2020 18:15:22
  • Zuletzt bearbeitet 21.11.2024 05:30:49

A vulnerability in the key store of Cisco Application Services Engine Software could allow an authenticated, local attacker to read sensitive information of other users on an affected device. The vulnerability is due to insufficient authorization lim...

5.3

CVE-2020-3333

  • EPSS 0.55%
  • Veröffentlicht 03.06.2020 18:15:22
  • Zuletzt bearbeitet 21.11.2024 05:30:49

A vulnerability in the API of Cisco Application Services Engine Software could allow an unauthenticated, remote attacker to update event policies on an affected device. The vulnerability is due to insufficient authentication of users who modify polic...

5.3

CVE-2020-3139

  • EPSS 0.22%
  • Veröffentlicht 26.01.2020 05:15:17
  • Zuletzt bearbeitet 21.11.2024 05:30:24

A vulnerability in the out of band (OOB) management interface IP table rule programming for Cisco Application Policy Infrastructure Controller (APIC) could allow an unauthenticated, remote attacker to bypass configured deny entries for specific IP po...

6.5

CVE-2019-1890

  • EPSS 0.1%
  • Veröffentlicht 04.07.2019 20:15:11
  • Zuletzt bearbeitet 21.11.2024 04:37:37

A vulnerability in the fabric infrastructure VLAN connection establishment of the Cisco Nexus 9000 Series Application Centric Infrastructure (ACI) Mode Switch Software could allow an unauthenticated, adjacent attacker to bypass security validations a...

9

CVE-2019-1889

  • EPSS 1.3%
  • Veröffentlicht 04.07.2019 20:15:11
  • Zuletzt bearbeitet 21.11.2024 04:37:37

A vulnerability in the REST API for software device management in Cisco Application Policy Infrastructure Controller (APIC) Software could allow an authenticated, remote attacker to escalate privileges to root on an affected device. The vulnerability...