Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.105535
Category:CISCO
Title:Cisco Application Policy Infrastructure Controller Access Control Vulnerability
Summary:A vulnerability in the cluster management configuration of the Cisco Application Policy Infrastructure Controller (APIC) could allow an authenticated, remote attacker to access the APIC as the root user.
Description:Summary:
A vulnerability in the cluster management configuration of the Cisco Application Policy Infrastructure Controller (APIC) could allow an authenticated, remote attacker to access the APIC as the root user.

Vulnerability Insight:
The vulnerability is due to improper implementation of access controls in the APIC filesystem. An attacker could exploit this vulnerability by accessing the cluster management configuration of the APIC.

Vulnerability Impact:
An exploit could allow the attacker to gain access to the APIC as the root user and perform root-level commands.

Affected Software/OS:
Application Policy Infrastructure Controllers running software versions prior to 1.1(1j), 1.0(3o) and 1.0(4o).

Solution:
Updates are available

CVSS Score:
9.0

CVSS Vector:
AV:N/AC:L/Au:S/C:C/I:C/A:C

Cross-Ref: BugTraq ID: 75994
Common Vulnerability Exposure (CVE) ID: CVE-2015-4235
Cisco Security Advisory: 20150722 Cisco Application Policy Infrastructure Controller Access Control Vulnerability
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150722-apic
http://www.securitytracker.com/id/1033025
CopyrightCopyright (C) 2016 Greenbone Networks GmbH

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2024 E-Soft Inc. All rights reserved.