Vulnerabilities > Cisco > Application Policy Infrastructure Controller > 2.3.1f
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-08-25 | CVE-2021-1577 | Unspecified vulnerability in Cisco Application Policy Infrastructure Controller A vulnerability in an API endpoint of Cisco Application Policy Infrastructure Controller (APIC) and Cisco Cloud Application Policy Infrastructure Controller (Cloud APIC) could allow an unauthenticated, remote attacker to read or write arbitrary files on an affected system. | 9.1 |
| 2021-08-25 | CVE-2021-1579 | Improper Privilege Management vulnerability in Cisco products A vulnerability in an API endpoint of Cisco Application Policy Infrastructure Controller (APIC) and Cisco Cloud Application Policy Infrastructure Controller (Cloud APIC) could allow an authenticated, remote attacker with Administrator read-only credentials to elevate privileges on an affected system. | 8.8 |
| 2021-08-25 | CVE-2021-1580 | Command Injection vulnerability in Cisco Application Policy Infrastructure Controller Multiple vulnerabilities in the web UI and API endpoints of Cisco Application Policy Infrastructure Controller (APIC) or Cisco Cloud APIC could allow a remote attacker to perform a command injection or file upload attack on an affected system. | 7.2 |
| 2021-08-25 | CVE-2021-1581 | Unspecified vulnerability in Cisco products Multiple vulnerabilities in the web UI and API endpoints of Cisco Application Policy Infrastructure Controller (APIC) or Cisco Cloud APIC could allow a remote attacker to perform a command injection or file upload attack on an affected system. | 9.1 |
| 2021-08-25 | CVE-2021-1582 | Cross-site Scripting vulnerability in Cisco Application Policy Infrastructure Controller A vulnerability in the web UI of Cisco Application Policy Infrastructure Controller (APIC) or Cisco Cloud APIC could allow an authenticated, remote attacker to perform a stored cross-site scripting attack on an affected system. | 5.4 |
| 2020-01-26 | CVE-2020-3139 | Improper Input Validation vulnerability in Cisco Application Policy Infrastructure Controller A vulnerability in the out of band (OOB) management interface IP table rule programming for Cisco Application Policy Infrastructure Controller (APIC) could allow an unauthenticated, remote attacker to bypass configured deny entries for specific IP ports. | 5.0 |
| 2019-03-11 | CVE-2019-1690 | Unspecified vulnerability in Cisco Application Policy Infrastructure Controller A vulnerability in the management interface of Cisco Application Policy Infrastructure Controller (APIC) software could allow an unauthenticated, adjacent attacker to gain unauthorized access on an affected device. low complexity cisco | 3.3 |
| 2017-11-30 | CVE-2017-12352 | Command Injection vulnerability in Cisco Application Policy Infrastructure Controller 2.3(1F) A vulnerability in certain system script files that are installed at boot time on Cisco Application Policy Infrastructure Controllers could allow an authenticated, local attacker to gain elevated privileges and execute arbitrary commands with root privileges on an affected host operating system. | 7.2 |