Vulnerabilities > Cisco > Cloud Application Policy Infrastructure Controller

DATE CVE VULNERABILITY TITLE RISK
2021-08-25 CVE-2021-1577 Unspecified vulnerability in Cisco Application Policy Infrastructure Controller
A vulnerability in an API endpoint of Cisco Application Policy Infrastructure Controller (APIC) and Cisco Cloud Application Policy Infrastructure Controller (Cloud APIC) could allow an unauthenticated, remote attacker to read or write arbitrary files on an affected system.
network
low complexity
cisco
critical
 9.1
9.1
2021-08-25 CVE-2021-1578 Improper Handling of Exceptional Conditions vulnerability in Cisco products
A vulnerability in an API endpoint of Cisco Application Policy Infrastructure Controller (APIC) and Cisco Cloud Application Policy Infrastructure Controller (Cloud APIC) could allow an authenticated, remote attacker to elevate privileges to Administrator on an affected device.
network
low complexity
cisco CWE-755
8.8
8.8
2021-08-25 CVE-2021-1579 Improper Privilege Management vulnerability in Cisco products
A vulnerability in an API endpoint of Cisco Application Policy Infrastructure Controller (APIC) and Cisco Cloud Application Policy Infrastructure Controller (Cloud APIC) could allow an authenticated, remote attacker with Administrator read-only credentials to elevate privileges on an affected system.
network
low complexity
cisco CWE-269
8.8
8.8
2021-08-25 CVE-2021-1580 Command Injection vulnerability in Cisco Application Policy Infrastructure Controller
Multiple vulnerabilities in the web UI and API endpoints of Cisco Application Policy Infrastructure Controller (APIC) or Cisco Cloud APIC could allow a remote attacker to perform a command injection or file upload attack on an affected system.
network
low complexity
cisco CWE-77
7.2
7.2
2021-08-25 CVE-2021-1581 Unspecified vulnerability in Cisco products
Multiple vulnerabilities in the web UI and API endpoints of Cisco Application Policy Infrastructure Controller (APIC) or Cisco Cloud APIC could allow a remote attacker to perform a command injection or file upload attack on an affected system.
network
low complexity
cisco
critical
 9.1
9.1
2021-08-25 CVE-2021-1582 Cross-site Scripting vulnerability in Cisco Application Policy Infrastructure Controller
A vulnerability in the web UI of Cisco Application Policy Infrastructure Controller (APIC) or Cisco Cloud APIC could allow an authenticated, remote attacker to perform a stored cross-site scripting attack on an affected system.
network
low complexity
cisco CWE-79
5.4
5.4