Vulnerabilities > Cisco > Application Policy Infrastructure Controller > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-08-25 | CVE-2021-1581 | Unspecified vulnerability in Cisco products Multiple vulnerabilities in the web UI and API endpoints of Cisco Application Policy Infrastructure Controller (APIC) or Cisco Cloud APIC could allow a remote attacker to perform a command injection or file upload attack on an affected system. | 9.1 |
| 2021-08-25 | CVE-2021-1577 | Unspecified vulnerability in Cisco Application Policy Infrastructure Controller A vulnerability in an API endpoint of Cisco Application Policy Infrastructure Controller (APIC) and Cisco Cloud Application Policy Infrastructure Controller (Cloud APIC) could allow an unauthenticated, remote attacker to read or write arbitrary files on an affected system. | 9.1 |
| 2021-02-24 | CVE-2021-1388 | Unspecified vulnerability in Cisco products A vulnerability in an API endpoint of Cisco ACI Multi-Site Orchestrator (MSO) installed on the Application Services Engine could allow an unauthenticated, remote attacker to bypass authentication on an affected device. | 10.0 |
| 2021-02-24 | CVE-2021-1393 | Missing Authentication for Critical Function vulnerability in Cisco products Multiple vulnerabilities in Cisco Application Services Engine could allow an unauthenticated, remote attacker to gain privileged access to host-level operations or to learn device-specific information, create diagnostic files, and make limited configuration changes. | 9.8 |