Action not permitted
Modal body text goes here.
wid-sec-w-2024-1941
Vulnerability from csaf_certbund
Published
2024-08-28 22:00
Modified
2024-08-28 22:00
Summary
Cisco Application Policy Infrastructure Controller: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Der Cisco Application Policy Infrastructure Controller (APIC) ist die architektonische Hauptkomponente der Cisco Application Centric Infrastructure.
Angriff
Ein entfernter, authentifizierter Angreifer kann mehrere Schwachstellen im Cisco Application Policy Infrastructure Controller ausnutzen, um Dateien zu manipulieren, beliebigen Code auszuführen oder seine Privilegien zu erweitern.
Betroffene Betriebssysteme
- Sonstiges
{
"document": {
"aggregate_severity": {
"text": "mittel"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Der Cisco Application Policy Infrastructure Controller (APIC) ist die architektonische Hauptkomponente der Cisco Application Centric Infrastructure.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, authentifizierter Angreifer kann mehrere Schwachstellen im Cisco Application Policy Infrastructure Controller ausnutzen, um Dateien zu manipulieren, beliebigen Code auszuf\u00fchren oder seine Privilegien zu erweitern.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Sonstiges",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2024-1941 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-1941.json"
},
{
"category": "self",
"summary": "WID-SEC-2024-1941 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-1941"
},
{
"category": "external",
"summary": "Cisco Security Advisory cisco-sa-apic-cousmo-uBpBYGbq vom 2024-08-28",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apic-cousmo-uBpBYGbq"
},
{
"category": "external",
"summary": "Cisco Security Advisory cisco-sa-capic-priv-esc-uYQJjnuU vom 2024-08-28",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-capic-priv-esc-uYQJjnuU"
}
],
"source_lang": "en-US",
"title": "Cisco Application Policy Infrastructure Controller: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2024-08-28T22:00:00.000+00:00",
"generator": {
"date": "2024-08-29T08:08:15.743+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.6"
}
},
"id": "WID-SEC-W-2024-1941",
"initial_release_date": "2024-08-28T22:00:00.000+00:00",
"revision_history": [
{
"date": "2024-08-28T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c6.0(6c)",
"product": {
"name": "Cisco Application Policy Infrastructure Controller \u003c6.0(6c)",
"product_id": "T037146"
}
},
{
"category": "product_version",
"name": "6.0(6c)",
"product": {
"name": "Cisco Application Policy Infrastructure Controller 6.0(6c)",
"product_id": "T037146-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:cisco:application_policy_infrastructure_controller:6.0%25286c%2529"
}
}
},
{
"category": "product_version_range",
"name": "\u003c5.3(2c)",
"product": {
"name": "Cisco Application Policy Infrastructure Controller \u003c5.3(2c)",
"product_id": "T037147"
}
},
{
"category": "product_version",
"name": "5.3(2c)",
"product": {
"name": "Cisco Application Policy Infrastructure Controller 5.3(2c)",
"product_id": "T037147-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:cisco:application_policy_infrastructure_controller:5.3%25282c%2529"
}
}
},
{
"category": "product_version_range",
"name": "\u003c6.1",
"product": {
"name": "Cisco Application Policy Infrastructure Controller \u003c6.1",
"product_id": "T037148"
}
},
{
"category": "product_version",
"name": "6.1",
"product": {
"name": "Cisco Application Policy Infrastructure Controller 6.1",
"product_id": "T037148-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:cisco:application_policy_infrastructure_controller:6.1"
}
}
},
{
"category": "product_version_range",
"name": "\u003c5.3(2d)",
"product": {
"name": "Cisco Application Policy Infrastructure Controller \u003c5.3(2d)",
"product_id": "T037149"
}
},
{
"category": "product_version",
"name": "5.3(2d)",
"product": {
"name": "Cisco Application Policy Infrastructure Controller 5.3(2d)",
"product_id": "T037149-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:cisco:application_policy_infrastructure_controller:5.3%25282d%2529"
}
}
}
],
"category": "product_name",
"name": "Application Policy Infrastructure Controller"
}
],
"category": "vendor",
"name": "Cisco"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-20279",
"notes": [
{
"category": "description",
"text": "Es besteht eine Schwachstelle im Cisco Application Policy Infrastructure Controller. Dieser Fehler besteht in der Implementierung der eingeschr\u00e4nkten Sicherheitsdom\u00e4ne aufgrund einer unsachgem\u00e4\u00dfen Zugriffskontrolle, wenn eingeschr\u00e4nkte Sicherheitsdom\u00e4nen zur Implementierung von Mandantenf\u00e4higkeit verwendet werden. Ein entfernter, authentifizierter Angreifer kann diese Schwachstelle ausnutzen, um untergeordnete Richtlinien zu lesen, zu \u00e4ndern oder zu l\u00f6schen, die unter Standard-Systemrichtlinien erstellt wurden."
}
],
"product_status": {
"known_affected": [
"T037147",
"T037146"
]
},
"release_date": "2024-08-28T22:00:00.000+00:00",
"title": "CVE-2024-20279"
},
{
"cve": "CVE-2024-20478",
"notes": [
{
"category": "description",
"text": "Es besteht eine Schwachstelle im Cisco Application Policy Infrastructure Controller. Diese Schwachstelle besteht in der Software-Upgrade-Komponente aufgrund einer unzureichenden Signaturvalidierung von Software-Images. Ein entfernter, authentifizierter Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Code auf dem betroffenen System auszuf\u00fchren und seine Rechte zu Root-Rechten zu erweitern."
}
],
"product_status": {
"known_affected": [
"T037147",
"T037149",
"T037146"
]
},
"release_date": "2024-08-28T22:00:00.000+00:00",
"title": "CVE-2024-20478"
}
]
}
cve-2024-20478
Vulnerability from cvelistv5
Published
2024-08-28 16:30
Modified
2024-09-06 14:11
Severity ?
EPSS score ?
Summary
Cisco Application Policy Infrastructure Controller App Privilege Escalation Vulnerability
References
Impacted products
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.2\\(8d\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.2\\(1o\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:1.2\\(2h\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.2\\(2i\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:1.2\\(1k\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.2\\(1k\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.1\\(2m\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.2\\(1m\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.2\\(5e\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.1\\(2m\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.2\\(41d\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:1.1\\(1o\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:1.2\\(1m\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:1.2\\(2j\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.2\\(4r\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.2\\(3j\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:1.1\\(3f\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.2\\(2f\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:1.1\\(4m\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.2\\(2k\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.1\\(1i\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.0\\(1p\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.1\\(2p\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.2\\(3s\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.0\\(3c\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:1.1\\(4e\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.1\\(1k\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.2\\(4f\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.1\\(3h\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.2\\(4d\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.0\\(1n\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.0\\(1m\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.0\\(1r\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.1\\(2e\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\\(2e\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\\(3j\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\\(3n\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.0\\(1l\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.2\\(2e\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.2\\(3r\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.0\\(2k\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.1\\(3g\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.0\\(1h\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.0\\(1o\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.2\\(3p\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:1.2\\(3e\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.2\\(3s\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.0\\(2g\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.1\\(1l\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.2\\(9f\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\\(3l\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\\(2g\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:1.2\\(3c\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.2\\(7k\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:1.3\\(2h\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.2\\(9b\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:1.3\\(2k\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.1\\(2t\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:1.1\\(2h\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.2\\(3j\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.1\\(2k\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.3\\(1f\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:1.2\\(3h\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.0\\(1i\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.1\\(2u\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\\(1l\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.1\\(1a\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.0\\(3d\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:1.1\\(4l\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.3\\(1i\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.1\\(2q\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.2\\(4e\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.1\\(1i\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.1\\(1i\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.0\\(2m\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.0\\(2h\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.2\\(2q\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.3\\(1l\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:1.3\\(1h\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.0\\(2n\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.2\\(5f\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:1.2\\(1h\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.2\\(1l\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\\(1i\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.1\\(2o\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:1.2\\(1i\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:1.3\\(1j\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.1\\(1h\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.0\\(2l\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.0\\(2h\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:1.2\\(2g\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.0\\(1k\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\\(1g\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.1\\(2g\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.0\\(1q\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:1.1\\(1j\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.1\\(2g\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:1.1\\(1r\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\\(2f\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.2\\(6i\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:1.3\\(1g\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:1.3\\(2j\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:1.3\\(2i\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.0\\(2o\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.2\\(4q\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.3\\(1o\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.2\\(3i\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.2\\(2j\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:1.1\\(1d\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.0\\(2n\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.2\\(3t\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.2\\(3n\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:1.1\\(4g\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.1\\(2x\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.2\\(5d\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.1\\(2o\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:1.2\\(2i\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.1\\(2f\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:1.3\\(2f\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\\(3q\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.1\\(1j\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.0\\(2f\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.3\\(1e\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:1.1\\(1s\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.1\\(2v\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.1\\(2w\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:1.1\\(4i\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.1\\(2u\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:1.1\\(4f\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.0\\(2m\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.0\\(1k\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.2\\(2o\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.2\\(3r\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:1.1\\(2i\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.0\\(2c\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:1.3\\(1i\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.1\\(2s\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.2\\(7f\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:1.2\\(3m\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.2\\(3o\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.1\\(2s\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.2\\(2l\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\\(1j\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.3\\(1p\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.1\\(4a\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:1.1\\(1n\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.2\\(1n\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.2\\(4p\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.1\\(3j\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\\(4i\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.2\\(9h\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.0\\(1k\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\\(4k\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.0\\(1l\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.0\\(2e\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\\(4o\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\\(4p\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.0\\(2h\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\\(5k\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\\(5l\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\\(5n\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.1\\(1h\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\\(6d\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.1\\(2e\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\\(6g\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\\(6h\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.1\\(3e\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.2\\(10e\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\\(6l\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\\(7f\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.1\\(4c\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\\(6o\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.2\\(1g\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.2\\(2e\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\\(7l\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.2\\(10f\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.2\\(2f\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.2\\(2g\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\\(7q\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.2\\(2h\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.2\\(3f\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.2\\(3e\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.2\\(3g\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\\(7r\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\\(7s\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.2\\(4d\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.2\\(4e\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\\(7t\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.2\\(5d\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.2\\(10g\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.2\\(5c\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:6.0\\(1g\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\\(7u\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.2\\(5e\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.2\\(4f\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.2\\(6e\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:6.0\\(1j\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.2\\(6g\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.2\\(7f\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\\(7v\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.2\\(7g\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:6.0\\(2h\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\\(7w\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.2\\(6h\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.2\\(4h\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.2\\(8d\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:6.0\\(2j\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.2\\(8e\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:6.0\\(3d\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:6.0\\(3e\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.2\\(8f\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.2\\(8g\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.3\\(1d\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.2\\(8h\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:6.0\\(4c\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.3\\(2a\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.2\\(8i\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:6.0\\(5h\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.3\\(2b\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:6.0\\(3g\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:6.0\\(5j\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.3\\(2c\\):*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "application_policy_infrastructure_controller",
"vendor": "cisco",
"versions": [
{
"status": "affected",
"version": "3.2\\(8d\\)"
},
{
"status": "affected",
"version": "2.2\\(1o\\)"
},
{
"status": "affected",
"version": "1.2\\(2h\\)"
},
{
"status": "affected",
"version": "2.2\\(2i\\)"
},
{
"status": "affected",
"version": "1.2\\(1k\\)"
},
{
"status": "affected",
"version": "2.2\\(1k\\)"
},
{
"status": "affected",
"version": "3.1\\(2m\\)"
},
{
"status": "affected",
"version": "3.2\\(1m\\)"
},
{
"status": "affected",
"version": "3.2\\(5e\\)"
},
{
"status": "affected",
"version": "4.1\\(2m\\)"
},
{
"status": "affected",
"version": "3.2\\(41d\\)"
},
{
"status": "affected",
"version": "1.1\\(1o\\)"
},
{
"status": "affected",
"version": "1.2\\(1m\\)"
},
{
"status": "affected",
"version": "1.2\\(2j\\)"
},
{
"status": "affected",
"version": "2.2\\(4r\\)"
},
{
"status": "affected",
"version": "2.2\\(3j\\)"
},
{
"status": "affected",
"version": "1.1\\(3f\\)"
},
{
"status": "affected",
"version": "2.2\\(2f\\)"
},
{
"status": "affected",
"version": "1.1\\(4m\\)"
},
{
"status": "affected",
"version": "2.2\\(2k\\)"
},
{
"status": "affected",
"version": "2.1\\(1i\\)"
},
{
"status": "affected",
"version": "2.0\\(1p\\)"
},
{
"status": "affected",
"version": "3.1\\(2p\\)"
},
{
"status": "affected",
"version": "3.2\\(3s\\)"
},
{
"status": "affected",
"version": "4.0\\(3c\\)"
},
{
"status": "affected",
"version": "1.1\\(4e\\)"
},
{
"status": "affected",
"version": "4.1\\(1k\\)"
},
{
"status": "affected",
"version": "2.2\\(4f\\)"
},
{
"status": "affected",
"version": "2.1\\(3h\\)"
},
{
"status": "affected",
"version": "3.2\\(4d\\)"
},
{
"status": "affected",
"version": "2.0\\(1n\\)"
},
{
"status": "affected",
"version": "2.0\\(1m\\)"
},
{
"status": "affected",
"version": "2.0\\(1r\\)"
},
{
"status": "affected",
"version": "2.1\\(2e\\)"
},
{
"status": "affected",
"version": "4.2\\(2e\\)"
},
{
"status": "affected",
"version": "4.2\\(3j\\)"
},
{
"status": "affected",
"version": "4.2\\(3n\\)"
},
{
"status": "affected",
"version": "2.0\\(1l\\)"
},
{
"status": "affected",
"version": "2.2\\(2e\\)"
},
{
"status": "affected",
"version": "2.2\\(3r\\)"
},
{
"status": "affected",
"version": "3.0\\(2k\\)"
},
{
"status": "affected",
"version": "2.1\\(3g\\)"
},
{
"status": "affected",
"version": "4.0\\(1h\\)"
},
{
"status": "affected",
"version": "2.0\\(1o\\)"
},
{
"status": "affected",
"version": "2.2\\(3p\\)"
},
{
"status": "affected",
"version": "1.2\\(3e\\)"
},
{
"status": "affected",
"version": "2.2\\(3s\\)"
},
{
"status": "affected",
"version": "2.0\\(2g\\)"
},
{
"status": "affected",
"version": "4.1\\(1l\\)"
},
{
"status": "affected",
"version": "3.2\\(9f\\)"
},
{
"status": "affected",
"version": "4.2\\(3l\\)"
},
{
"status": "affected",
"version": "4.2\\(2g\\)"
},
{
"status": "affected",
"version": "1.2\\(3c\\)"
},
{
"status": "affected",
"version": "3.2\\(7k\\)"
},
{
"status": "affected",
"version": "1.3\\(2h\\)"
},
{
"status": "affected",
"version": "3.2\\(9b\\)"
},
{
"status": "affected",
"version": "1.3\\(2k\\)"
},
{
"status": "affected",
"version": "3.1\\(2t\\)"
},
{
"status": "affected",
"version": "1.1\\(2h\\)"
},
{
"status": "affected",
"version": "3.2\\(3j\\)"
},
{
"status": "affected",
"version": "2.1\\(2k\\)"
},
{
"status": "affected",
"version": "2.3\\(1f\\)"
},
{
"status": "affected",
"version": "1.2\\(3h\\)"
},
{
"status": "affected",
"version": "3.0\\(1i\\)"
},
{
"status": "affected",
"version": "4.1\\(2u\\)"
},
{
"status": "affected",
"version": "4.2\\(1l\\)"
},
{
"status": "affected",
"version": "4.1\\(1a\\)"
},
{
"status": "affected",
"version": "4.0\\(3d\\)"
},
{
"status": "affected",
"version": "1.1\\(4l\\)"
},
{
"status": "affected",
"version": "2.3\\(1i\\)"
},
{
"status": "affected",
"version": "3.1\\(2q\\)"
},
{
"status": "affected",
"version": "3.2\\(4e\\)"
},
{
"status": "affected",
"version": "4.1\\(1i\\)"
},
{
"status": "affected",
"version": "3.1\\(1i\\)"
},
{
"status": "affected",
"version": "2.0\\(2m\\)"
},
{
"status": "affected",
"version": "3.0\\(2h\\)"
},
{
"status": "affected",
"version": "2.2\\(2q\\)"
},
{
"status": "affected",
"version": "2.3\\(1l\\)"
},
{
"status": "affected",
"version": "1.3\\(1h\\)"
},
{
"status": "affected",
"version": "3.0\\(2n\\)"
},
{
"status": "affected",
"version": "3.2\\(5f\\)"
},
{
"status": "affected",
"version": "1.2\\(1h\\)"
},
{
"status": "affected",
"version": "3.2\\(1l\\)"
},
{
"status": "affected",
"version": "4.2\\(1i\\)"
},
{
"status": "affected",
"version": "4.1\\(2o\\)"
},
{
"status": "affected",
"version": "1.2\\(1i\\)"
},
{
"status": "affected",
"version": "1.3\\(1j\\)"
},
{
"status": "affected",
"version": "2.1\\(1h\\)"
},
{
"status": "affected",
"version": "2.0\\(2l\\)"
},
{
"status": "affected",
"version": "2.0\\(2h\\)"
},
{
"status": "affected",
"version": "1.2\\(2g\\)"
},
{
"status": "affected",
"version": "3.0\\(1k\\)"
},
{
"status": "affected",
"version": "4.2\\(1g\\)"
},
{
"status": "affected",
"version": "2.1\\(2g\\)"
},
{
"status": "affected",
"version": "2.0\\(1q\\)"
},
{
"status": "affected",
"version": "1.1\\(1j\\)"
},
{
"status": "affected",
"version": "4.1\\(2g\\)"
},
{
"status": "affected",
"version": "1.1\\(1r\\)"
},
{
"status": "affected",
"version": "4.2\\(2f\\)"
},
{
"status": "affected",
"version": "3.2\\(6i\\)"
},
{
"status": "affected",
"version": "1.3\\(1g\\)"
},
{
"status": "affected",
"version": "1.3\\(2j\\)"
},
{
"status": "affected",
"version": "1.3\\(2i\\)"
},
{
"status": "affected",
"version": "2.0\\(2o\\)"
},
{
"status": "affected",
"version": "2.2\\(4q\\)"
},
{
"status": "affected",
"version": "2.3\\(1o\\)"
},
{
"status": "affected",
"version": "3.2\\(3i\\)"
},
{
"status": "affected",
"version": "2.2\\(2j\\)"
},
{
"status": "affected",
"version": "1.1\\(1d\\)"
},
{
"status": "affected",
"version": "2.0\\(2n\\)"
},
{
"status": "affected",
"version": "2.2\\(3t\\)"
},
{
"status": "affected",
"version": "3.2\\(3n\\)"
},
{
"status": "affected",
"version": "1.1\\(4g\\)"
},
{
"status": "affected",
"version": "4.1\\(2x\\)"
},
{
"status": "affected",
"version": "3.2\\(5d\\)"
},
{
"status": "affected",
"version": "3.1\\(2o\\)"
},
{
"status": "affected",
"version": "1.2\\(2i\\)"
},
{
"status": "affected",
"version": "2.1\\(2f\\)"
},
{
"status": "affected",
"version": "1.3\\(2f\\)"
},
{
"status": "affected",
"version": "4.2\\(3q\\)"
},
{
"status": "affected",
"version": "4.1\\(1j\\)"
},
{
"status": "affected",
"version": "2.0\\(2f\\)"
},
{
"status": "affected",
"version": "2.3\\(1e\\)"
},
{
"status": "affected",
"version": "1.1\\(1s\\)"
},
{
"status": "affected",
"version": "3.1\\(2v\\)"
},
{
"status": "affected",
"version": "4.1\\(2w\\)"
},
{
"status": "affected",
"version": "1.1\\(4i\\)"
},
{
"status": "affected",
"version": "3.1\\(2u\\)"
},
{
"status": "affected",
"version": "1.1\\(4f\\)"
},
{
"status": "affected",
"version": "3.0\\(2m\\)"
},
{
"status": "affected",
"version": "2.0\\(1k\\)"
},
{
"status": "affected",
"version": "3.2\\(2o\\)"
},
{
"status": "affected",
"version": "3.2\\(3r\\)"
},
{
"status": "affected",
"version": "1.1\\(2i\\)"
},
{
"status": "affected",
"version": "4.0\\(2c\\)"
},
{
"status": "affected",
"version": "1.3\\(1i\\)"
},
{
"status": "affected",
"version": "4.1\\(2s\\)"
},
{
"status": "affected",
"version": "3.2\\(7f\\)"
},
{
"status": "affected",
"version": "1.2\\(3m\\)"
},
{
"status": "affected",
"version": "3.2\\(3o\\)"
},
{
"status": "affected",
"version": "3.1\\(2s\\)"
},
{
"status": "affected",
"version": "3.2\\(2l\\)"
},
{
"status": "affected",
"version": "4.2\\(1j\\)"
},
{
"status": "affected",
"version": "2.3\\(1p\\)"
},
{
"status": "affected",
"version": "2.1\\(4a\\)"
},
{
"status": "affected",
"version": "1.1\\(1n\\)"
},
{
"status": "affected",
"version": "2.2\\(1n\\)"
},
{
"status": "affected",
"version": "2.2\\(4p\\)"
},
{
"status": "affected",
"version": "2.1\\(3j\\)"
},
{
"status": "affected",
"version": "4.2\\(4i\\)"
},
{
"status": "affected",
"version": "3.2\\(9h\\)"
},
{
"status": "affected",
"version": "5.0\\(1k\\)"
},
{
"status": "affected",
"version": "4.2\\(4k\\)"
},
{
"status": "affected",
"version": "5.0\\(1l\\)"
},
{
"status": "affected",
"version": "5.0\\(2e\\)"
},
{
"status": "affected",
"version": "4.2\\(4o\\)"
},
{
"status": "affected",
"version": "4.2\\(4p\\)"
},
{
"status": "affected",
"version": "5.0\\(2h\\)"
},
{
"status": "affected",
"version": "4.2\\(5k\\)"
},
{
"status": "affected",
"version": "4.2\\(5l\\)"
},
{
"status": "affected",
"version": "4.2\\(5n\\)"
},
{
"status": "affected",
"version": "5.1\\(1h\\)"
},
{
"status": "affected",
"version": "4.2\\(6d\\)"
},
{
"status": "affected",
"version": "5.1\\(2e\\)"
},
{
"status": "affected",
"version": "4.2\\(6g\\)"
},
{
"status": "affected",
"version": "4.2\\(6h\\)"
},
{
"status": "affected",
"version": "5.1\\(3e\\)"
},
{
"status": "affected",
"version": "3.2\\(10e\\)"
},
{
"status": "affected",
"version": "4.2\\(6l\\)"
},
{
"status": "affected",
"version": "4.2\\(7f\\)"
},
{
"status": "affected",
"version": "5.1\\(4c\\)"
},
{
"status": "affected",
"version": "4.2\\(6o\\)"
},
{
"status": "affected",
"version": "5.2\\(1g\\)"
},
{
"status": "affected",
"version": "5.2\\(2e\\)"
},
{
"status": "affected",
"version": "4.2\\(7l\\)"
},
{
"status": "affected",
"version": "3.2\\(10f\\)"
},
{
"status": "affected",
"version": "5.2\\(2f\\)"
},
{
"status": "affected",
"version": "5.2\\(2g\\)"
},
{
"status": "affected",
"version": "4.2\\(7q\\)"
},
{
"status": "affected",
"version": "5.2\\(2h\\)"
},
{
"status": "affected",
"version": "5.2\\(3f\\)"
},
{
"status": "affected",
"version": "5.2\\(3e\\)"
},
{
"status": "affected",
"version": "5.2\\(3g\\)"
},
{
"status": "affected",
"version": "4.2\\(7r\\)"
},
{
"status": "affected",
"version": "4.2\\(7s\\)"
},
{
"status": "affected",
"version": "5.2\\(4d\\)"
},
{
"status": "affected",
"version": "5.2\\(4e\\)"
},
{
"status": "affected",
"version": "4.2\\(7t\\)"
},
{
"status": "affected",
"version": "5.2\\(5d\\)"
},
{
"status": "affected",
"version": "3.2\\(10g\\)"
},
{
"status": "affected",
"version": "5.2\\(5c\\)"
},
{
"status": "affected",
"version": "6.0\\(1g\\)"
},
{
"status": "affected",
"version": "4.2\\(7u\\)"
},
{
"status": "affected",
"version": "5.2\\(5e\\)"
},
{
"status": "affected",
"version": "5.2\\(4f\\)"
},
{
"status": "affected",
"version": "5.2\\(6e\\)"
},
{
"status": "affected",
"version": "6.0\\(1j\\)"
},
{
"status": "affected",
"version": "5.2\\(6g\\)"
},
{
"status": "affected",
"version": "5.2\\(7f\\)"
},
{
"status": "affected",
"version": "4.2\\(7v\\)"
},
{
"status": "affected",
"version": "5.2\\(7g\\)"
},
{
"status": "affected",
"version": "6.0\\(2h\\)"
},
{
"status": "affected",
"version": "4.2\\(7w\\)"
},
{
"status": "affected",
"version": "5.2\\(6h\\)"
},
{
"status": "affected",
"version": "5.2\\(4h\\)"
},
{
"status": "affected",
"version": "5.2\\(8d\\)"
},
{
"status": "affected",
"version": "6.0\\(2j\\)"
},
{
"status": "affected",
"version": "5.2\\(8e\\)"
},
{
"status": "affected",
"version": "6.0\\(3d\\)"
},
{
"status": "affected",
"version": "6.0\\(3e\\)"
},
{
"status": "affected",
"version": "5.2\\(8f\\)"
},
{
"status": "affected",
"version": "5.2\\(8g\\)"
},
{
"status": "affected",
"version": "5.3\\(1d\\)"
},
{
"status": "affected",
"version": "5.2\\(8h\\)"
},
{
"status": "affected",
"version": "6.0\\(4c\\)"
},
{
"status": "affected",
"version": "5.3\\(2a\\)"
},
{
"status": "affected",
"version": "5.2\\(8i\\)"
},
{
"status": "affected",
"version": "6.0\\(5h\\)"
},
{
"status": "affected",
"version": "5.3\\(2b\\)"
},
{
"status": "affected",
"version": "6.0\\(3g\\)"
},
{
"status": "affected",
"version": "6.0\\(5j\\)"
},
{
"status": "affected",
"version": "5.3\\(2c\\)"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-20478",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-30T03:56:06.255702Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-06T14:11:08.951Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco Application Policy Infrastructure Controller (APIC)",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "3.2(8d)"
},
{
"status": "affected",
"version": "2.2(1o)"
},
{
"status": "affected",
"version": "1.2(2h)"
},
{
"status": "affected",
"version": "2.2(2i)"
},
{
"status": "affected",
"version": "1.2(1k)"
},
{
"status": "affected",
"version": "2.2(1k)"
},
{
"status": "affected",
"version": "3.1(2m)"
},
{
"status": "affected",
"version": "3.2(1m)"
},
{
"status": "affected",
"version": "3.2(5e)"
},
{
"status": "affected",
"version": "4.1(2m)"
},
{
"status": "affected",
"version": "3.2(41d)"
},
{
"status": "affected",
"version": "1.1(1o)"
},
{
"status": "affected",
"version": "1.2(1m)"
},
{
"status": "affected",
"version": "1.2(2j)"
},
{
"status": "affected",
"version": "2.2(4r)"
},
{
"status": "affected",
"version": "2.2(3j)"
},
{
"status": "affected",
"version": "1.1(3f)"
},
{
"status": "affected",
"version": "2.2(2f)"
},
{
"status": "affected",
"version": "1.1(4m)"
},
{
"status": "affected",
"version": "2.2(2k)"
},
{
"status": "affected",
"version": "2.1(1i)"
},
{
"status": "affected",
"version": "2.0(1p)"
},
{
"status": "affected",
"version": "3.1(2p)"
},
{
"status": "affected",
"version": "3.2(3s)"
},
{
"status": "affected",
"version": "4.0(3c)"
},
{
"status": "affected",
"version": "1.1(4e)"
},
{
"status": "affected",
"version": "4.1(1k)"
},
{
"status": "affected",
"version": "2.2(4f)"
},
{
"status": "affected",
"version": "2.1(3h)"
},
{
"status": "affected",
"version": "3.2(4d)"
},
{
"status": "affected",
"version": "2.0(1n)"
},
{
"status": "affected",
"version": "2.0(1m)"
},
{
"status": "affected",
"version": "2.0(1r)"
},
{
"status": "affected",
"version": "2.1(2e)"
},
{
"status": "affected",
"version": "4.2(2e)"
},
{
"status": "affected",
"version": "4.2(3j)"
},
{
"status": "affected",
"version": "4.2(3n)"
},
{
"status": "affected",
"version": "2.0(1l)"
},
{
"status": "affected",
"version": "2.2(2e)"
},
{
"status": "affected",
"version": "2.2(3r)"
},
{
"status": "affected",
"version": "3.0(2k)"
},
{
"status": "affected",
"version": "2.1(3g)"
},
{
"status": "affected",
"version": "4.0(1h)"
},
{
"status": "affected",
"version": "2.0(1o)"
},
{
"status": "affected",
"version": "2.2(3p)"
},
{
"status": "affected",
"version": "1.2(3e)"
},
{
"status": "affected",
"version": "2.2(3s)"
},
{
"status": "affected",
"version": "2.0(2g)"
},
{
"status": "affected",
"version": "4.1(1l)"
},
{
"status": "affected",
"version": "3.2(9f)"
},
{
"status": "affected",
"version": "4.2(3l)"
},
{
"status": "affected",
"version": "4.2(2g)"
},
{
"status": "affected",
"version": "1.2(3c)"
},
{
"status": "affected",
"version": "3.2(7k)"
},
{
"status": "affected",
"version": "1.3(2h)"
},
{
"status": "affected",
"version": "3.2(9b)"
},
{
"status": "affected",
"version": "1.3(2k)"
},
{
"status": "affected",
"version": "3.1(2t)"
},
{
"status": "affected",
"version": "1.1(2h)"
},
{
"status": "affected",
"version": "3.2(3j)"
},
{
"status": "affected",
"version": "2.1(2k)"
},
{
"status": "affected",
"version": "2.3(1f)"
},
{
"status": "affected",
"version": "1.2(3h)"
},
{
"status": "affected",
"version": "3.0(1i)"
},
{
"status": "affected",
"version": "4.1(2u)"
},
{
"status": "affected",
"version": "4.2(1l)"
},
{
"status": "affected",
"version": "4.1(1a)"
},
{
"status": "affected",
"version": "4.0(3d)"
},
{
"status": "affected",
"version": "1.1(4l)"
},
{
"status": "affected",
"version": "2.3(1i)"
},
{
"status": "affected",
"version": "3.1(2q)"
},
{
"status": "affected",
"version": "3.2(4e)"
},
{
"status": "affected",
"version": "4.1(1i)"
},
{
"status": "affected",
"version": "3.1(1i)"
},
{
"status": "affected",
"version": "2.0(2m)"
},
{
"status": "affected",
"version": "3.0(2h)"
},
{
"status": "affected",
"version": "2.2(2q)"
},
{
"status": "affected",
"version": "2.3(1l)"
},
{
"status": "affected",
"version": "1.3(1h)"
},
{
"status": "affected",
"version": "3.0(2n)"
},
{
"status": "affected",
"version": "3.2(5f)"
},
{
"status": "affected",
"version": "1.2(1h)"
},
{
"status": "affected",
"version": "3.2(1l)"
},
{
"status": "affected",
"version": "4.2(1i)"
},
{
"status": "affected",
"version": "4.1(2o)"
},
{
"status": "affected",
"version": "1.2(1i)"
},
{
"status": "affected",
"version": "1.3(1j)"
},
{
"status": "affected",
"version": "2.1(1h)"
},
{
"status": "affected",
"version": "2.0(2l)"
},
{
"status": "affected",
"version": "2.0(2h)"
},
{
"status": "affected",
"version": "1.2(2g)"
},
{
"status": "affected",
"version": "3.0(1k)"
},
{
"status": "affected",
"version": "4.2(1g)"
},
{
"status": "affected",
"version": "2.1(2g)"
},
{
"status": "affected",
"version": "2.0(1q)"
},
{
"status": "affected",
"version": "1.1(1j)"
},
{
"status": "affected",
"version": "4.1(2g)"
},
{
"status": "affected",
"version": "1.1(1r)"
},
{
"status": "affected",
"version": "4.2(2f)"
},
{
"status": "affected",
"version": "3.2(6i)"
},
{
"status": "affected",
"version": "1.3(1g)"
},
{
"status": "affected",
"version": "1.3(2j)"
},
{
"status": "affected",
"version": "1.3(2i)"
},
{
"status": "affected",
"version": "2.0(2o)"
},
{
"status": "affected",
"version": "2.2(4q)"
},
{
"status": "affected",
"version": "2.3(1o)"
},
{
"status": "affected",
"version": "3.2(3i)"
},
{
"status": "affected",
"version": "2.2(2j)"
},
{
"status": "affected",
"version": "1.1(1d)"
},
{
"status": "affected",
"version": "2.0(2n)"
},
{
"status": "affected",
"version": "2.2(3t)"
},
{
"status": "affected",
"version": "3.2(3n)"
},
{
"status": "affected",
"version": "1.1(4g)"
},
{
"status": "affected",
"version": "4.1(2x)"
},
{
"status": "affected",
"version": "3.2(5d)"
},
{
"status": "affected",
"version": "3.1(2o)"
},
{
"status": "affected",
"version": "1.2(2i)"
},
{
"status": "affected",
"version": "2.1(2f)"
},
{
"status": "affected",
"version": "1.3(2f)"
},
{
"status": "affected",
"version": "4.2(3q)"
},
{
"status": "affected",
"version": "4.1(1j)"
},
{
"status": "affected",
"version": "2.0(2f)"
},
{
"status": "affected",
"version": "2.3(1e)"
},
{
"status": "affected",
"version": "1.1(1s)"
},
{
"status": "affected",
"version": "3.1(2v)"
},
{
"status": "affected",
"version": "4.1(2w)"
},
{
"status": "affected",
"version": "1.1(4i)"
},
{
"status": "affected",
"version": "3.1(2u)"
},
{
"status": "affected",
"version": "1.1(4f)"
},
{
"status": "affected",
"version": "3.0(2m)"
},
{
"status": "affected",
"version": "2.0(1k)"
},
{
"status": "affected",
"version": "3.2(2o)"
},
{
"status": "affected",
"version": "3.2(3r)"
},
{
"status": "affected",
"version": "1.1(2i)"
},
{
"status": "affected",
"version": "4.0(2c)"
},
{
"status": "affected",
"version": "1.3(1i)"
},
{
"status": "affected",
"version": "4.1(2s)"
},
{
"status": "affected",
"version": "3.2(7f)"
},
{
"status": "affected",
"version": "1.2(3m)"
},
{
"status": "affected",
"version": "3.2(3o)"
},
{
"status": "affected",
"version": "3.1(2s)"
},
{
"status": "affected",
"version": "3.2(2l)"
},
{
"status": "affected",
"version": "4.2(1j)"
},
{
"status": "affected",
"version": "2.3(1p)"
},
{
"status": "affected",
"version": "2.1(4a)"
},
{
"status": "affected",
"version": "1.1(1n)"
},
{
"status": "affected",
"version": "2.2(1n)"
},
{
"status": "affected",
"version": "2.2(4p)"
},
{
"status": "affected",
"version": "2.1(3j)"
},
{
"status": "affected",
"version": "4.2(4i)"
},
{
"status": "affected",
"version": "3.2(9h)"
},
{
"status": "affected",
"version": "5.0(1k)"
},
{
"status": "affected",
"version": "4.2(4k)"
},
{
"status": "affected",
"version": "5.0(1l)"
},
{
"status": "affected",
"version": "5.0(2e)"
},
{
"status": "affected",
"version": "4.2(4o)"
},
{
"status": "affected",
"version": "4.2(4p)"
},
{
"status": "affected",
"version": "5.0(2h)"
},
{
"status": "affected",
"version": "4.2(5k)"
},
{
"status": "affected",
"version": "4.2(5l)"
},
{
"status": "affected",
"version": "4.2(5n)"
},
{
"status": "affected",
"version": "5.1(1h)"
},
{
"status": "affected",
"version": "4.2(6d)"
},
{
"status": "affected",
"version": "5.1(2e)"
},
{
"status": "affected",
"version": "4.2(6g)"
},
{
"status": "affected",
"version": "4.2(6h)"
},
{
"status": "affected",
"version": "5.1(3e)"
},
{
"status": "affected",
"version": "3.2(10e)"
},
{
"status": "affected",
"version": "4.2(6l)"
},
{
"status": "affected",
"version": "4.2(7f)"
},
{
"status": "affected",
"version": "5.1(4c)"
},
{
"status": "affected",
"version": "4.2(6o)"
},
{
"status": "affected",
"version": "5.2(1g)"
},
{
"status": "affected",
"version": "5.2(2e)"
},
{
"status": "affected",
"version": "4.2(7l)"
},
{
"status": "affected",
"version": "3.2(10f)"
},
{
"status": "affected",
"version": "5.2(2f)"
},
{
"status": "affected",
"version": "5.2(2g)"
},
{
"status": "affected",
"version": "4.2(7q)"
},
{
"status": "affected",
"version": "5.2(2h)"
},
{
"status": "affected",
"version": "5.2(3f)"
},
{
"status": "affected",
"version": "5.2(3e)"
},
{
"status": "affected",
"version": "5.2(3g)"
},
{
"status": "affected",
"version": "4.2(7r)"
},
{
"status": "affected",
"version": "4.2(7s)"
},
{
"status": "affected",
"version": "5.2(4d)"
},
{
"status": "affected",
"version": "5.2(4e)"
},
{
"status": "affected",
"version": "4.2(7t)"
},
{
"status": "affected",
"version": "5.2(5d)"
},
{
"status": "affected",
"version": "3.2(10g)"
},
{
"status": "affected",
"version": "5.2(5c)"
},
{
"status": "affected",
"version": "6.0(1g)"
},
{
"status": "affected",
"version": "4.2(7u)"
},
{
"status": "affected",
"version": "5.2(5e)"
},
{
"status": "affected",
"version": "5.2(4f)"
},
{
"status": "affected",
"version": "5.2(6e)"
},
{
"status": "affected",
"version": "6.0(1j)"
},
{
"status": "affected",
"version": "5.2(6g)"
},
{
"status": "affected",
"version": "5.2(7f)"
},
{
"status": "affected",
"version": "4.2(7v)"
},
{
"status": "affected",
"version": "5.2(7g)"
},
{
"status": "affected",
"version": "6.0(2h)"
},
{
"status": "affected",
"version": "4.2(7w)"
},
{
"status": "affected",
"version": "5.2(6h)"
},
{
"status": "affected",
"version": "5.2(4h)"
},
{
"status": "affected",
"version": "5.2(8d)"
},
{
"status": "affected",
"version": "6.0(2j)"
},
{
"status": "affected",
"version": "5.2(8e)"
},
{
"status": "affected",
"version": "6.0(3d)"
},
{
"status": "affected",
"version": "6.0(3e)"
},
{
"status": "affected",
"version": "5.2(8f)"
},
{
"status": "affected",
"version": "5.2(8g)"
},
{
"status": "affected",
"version": "5.3(1d)"
},
{
"status": "affected",
"version": "5.2(8h)"
},
{
"status": "affected",
"version": "6.0(4c)"
},
{
"status": "affected",
"version": "5.3(2a)"
},
{
"status": "affected",
"version": "5.2(8i)"
},
{
"status": "affected",
"version": "6.0(5h)"
},
{
"status": "affected",
"version": "5.3(2b)"
},
{
"status": "affected",
"version": "6.0(3g)"
},
{
"status": "affected",
"version": "6.0(5j)"
},
{
"status": "affected",
"version": "5.3(2c)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the software upgrade component of Cisco Application Policy Infrastructure Controller (APIC) and Cisco\u0026nbsp;Cloud Network Controller, formerly Cisco Cloud APIC, could allow an authenticated, remote attacker with Administrator-level privileges to install a modified software image, leading to arbitrary code injection on an affected system.\r\n\r\nThis vulnerability is due to insufficient signature validation of software images. An attacker could exploit this vulnerability by installing a modified software image. A successful exploit could allow the attacker to execute arbitrary code on the affected system and elevate their privileges to root.\r\nNote: Administrators should always validate the hash of any upgrade image before uploading it to Cisco APIC and Cisco Cloud Network Controller."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-250",
"description": "Execution with Unnecessary Privileges",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-28T16:30:07.175Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-capic-priv-esc-uYQJjnuU",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-capic-priv-esc-uYQJjnuU"
}
],
"source": {
"advisory": "cisco-sa-capic-priv-esc-uYQJjnuU",
"defects": [
"CSCwj32072"
],
"discovery": "INTERNAL"
},
"title": "Cisco Application Policy Infrastructure Controller App Privilege Escalation Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2024-20478",
"datePublished": "2024-08-28T16:30:07.175Z",
"dateReserved": "2023-11-08T15:08:07.682Z",
"dateUpdated": "2024-09-06T14:11:08.951Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-20279
Vulnerability from cvelistv5
Published
2024-08-28 16:19
Modified
2024-08-28 17:54
Severity ?
EPSS score ?
Summary
Cisco Application Policy Infrastructure Controller Unauthorized Policy Actions Vulnerability
References
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-20279",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-28T17:54:46.155615Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-28T17:54:51.419Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco Application Policy Infrastructure Controller (APIC)",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "3.2(8d)"
},
{
"status": "affected",
"version": "2.2(1o)"
},
{
"status": "affected",
"version": "1.2(2h)"
},
{
"status": "affected",
"version": "2.2(2i)"
},
{
"status": "affected",
"version": "1.2(1k)"
},
{
"status": "affected",
"version": "2.2(1k)"
},
{
"status": "affected",
"version": "3.1(2m)"
},
{
"status": "affected",
"version": "3.2(1m)"
},
{
"status": "affected",
"version": "3.2(5e)"
},
{
"status": "affected",
"version": "4.1(2m)"
},
{
"status": "affected",
"version": "3.2(41d)"
},
{
"status": "affected",
"version": "1.1(1o)"
},
{
"status": "affected",
"version": "1.2(1m)"
},
{
"status": "affected",
"version": "1.2(2j)"
},
{
"status": "affected",
"version": "2.2(4r)"
},
{
"status": "affected",
"version": "2.2(3j)"
},
{
"status": "affected",
"version": "1.1(3f)"
},
{
"status": "affected",
"version": "2.2(2f)"
},
{
"status": "affected",
"version": "1.1(4m)"
},
{
"status": "affected",
"version": "2.2(2k)"
},
{
"status": "affected",
"version": "2.1(1i)"
},
{
"status": "affected",
"version": "2.0(1p)"
},
{
"status": "affected",
"version": "3.1(2p)"
},
{
"status": "affected",
"version": "3.2(3s)"
},
{
"status": "affected",
"version": "4.0(3c)"
},
{
"status": "affected",
"version": "1.1(4e)"
},
{
"status": "affected",
"version": "4.1(1k)"
},
{
"status": "affected",
"version": "2.2(4f)"
},
{
"status": "affected",
"version": "2.1(3h)"
},
{
"status": "affected",
"version": "3.2(4d)"
},
{
"status": "affected",
"version": "2.0(1n)"
},
{
"status": "affected",
"version": "2.0(1m)"
},
{
"status": "affected",
"version": "2.0(1r)"
},
{
"status": "affected",
"version": "2.1(2e)"
},
{
"status": "affected",
"version": "4.2(2e)"
},
{
"status": "affected",
"version": "4.2(3j)"
},
{
"status": "affected",
"version": "4.2(3n)"
},
{
"status": "affected",
"version": "2.0(1l)"
},
{
"status": "affected",
"version": "2.2(2e)"
},
{
"status": "affected",
"version": "2.2(3r)"
},
{
"status": "affected",
"version": "3.0(2k)"
},
{
"status": "affected",
"version": "2.1(3g)"
},
{
"status": "affected",
"version": "4.0(1h)"
},
{
"status": "affected",
"version": "2.0(1o)"
},
{
"status": "affected",
"version": "2.2(3p)"
},
{
"status": "affected",
"version": "1.2(3e)"
},
{
"status": "affected",
"version": "2.2(3s)"
},
{
"status": "affected",
"version": "2.0(2g)"
},
{
"status": "affected",
"version": "4.1(1l)"
},
{
"status": "affected",
"version": "3.2(9f)"
},
{
"status": "affected",
"version": "4.2(3l)"
},
{
"status": "affected",
"version": "4.2(2g)"
},
{
"status": "affected",
"version": "1.2(3c)"
},
{
"status": "affected",
"version": "3.2(7k)"
},
{
"status": "affected",
"version": "1.3(2h)"
},
{
"status": "affected",
"version": "3.2(9b)"
},
{
"status": "affected",
"version": "1.3(2k)"
},
{
"status": "affected",
"version": "3.1(2t)"
},
{
"status": "affected",
"version": "1.1(2h)"
},
{
"status": "affected",
"version": "3.2(3j)"
},
{
"status": "affected",
"version": "2.1(2k)"
},
{
"status": "affected",
"version": "2.3(1f)"
},
{
"status": "affected",
"version": "1.2(3h)"
},
{
"status": "affected",
"version": "3.0(1i)"
},
{
"status": "affected",
"version": "4.1(2u)"
},
{
"status": "affected",
"version": "4.2(1l)"
},
{
"status": "affected",
"version": "4.1(1a)"
},
{
"status": "affected",
"version": "4.0(3d)"
},
{
"status": "affected",
"version": "1.1(4l)"
},
{
"status": "affected",
"version": "2.3(1i)"
},
{
"status": "affected",
"version": "3.1(2q)"
},
{
"status": "affected",
"version": "3.2(4e)"
},
{
"status": "affected",
"version": "4.1(1i)"
},
{
"status": "affected",
"version": "3.1(1i)"
},
{
"status": "affected",
"version": "2.0(2m)"
},
{
"status": "affected",
"version": "3.0(2h)"
},
{
"status": "affected",
"version": "2.2(2q)"
},
{
"status": "affected",
"version": "2.3(1l)"
},
{
"status": "affected",
"version": "1.3(1h)"
},
{
"status": "affected",
"version": "3.0(2n)"
},
{
"status": "affected",
"version": "3.2(5f)"
},
{
"status": "affected",
"version": "1.2(1h)"
},
{
"status": "affected",
"version": "3.2(1l)"
},
{
"status": "affected",
"version": "4.2(1i)"
},
{
"status": "affected",
"version": "4.1(2o)"
},
{
"status": "affected",
"version": "1.2(1i)"
},
{
"status": "affected",
"version": "1.3(1j)"
},
{
"status": "affected",
"version": "2.1(1h)"
},
{
"status": "affected",
"version": "2.0(2l)"
},
{
"status": "affected",
"version": "2.0(2h)"
},
{
"status": "affected",
"version": "1.2(2g)"
},
{
"status": "affected",
"version": "3.0(1k)"
},
{
"status": "affected",
"version": "4.2(1g)"
},
{
"status": "affected",
"version": "2.1(2g)"
},
{
"status": "affected",
"version": "2.0(1q)"
},
{
"status": "affected",
"version": "1.1(1j)"
},
{
"status": "affected",
"version": "4.1(2g)"
},
{
"status": "affected",
"version": "1.1(1r)"
},
{
"status": "affected",
"version": "4.2(2f)"
},
{
"status": "affected",
"version": "3.2(6i)"
},
{
"status": "affected",
"version": "1.3(1g)"
},
{
"status": "affected",
"version": "1.3(2j)"
},
{
"status": "affected",
"version": "1.3(2i)"
},
{
"status": "affected",
"version": "2.0(2o)"
},
{
"status": "affected",
"version": "2.2(4q)"
},
{
"status": "affected",
"version": "2.3(1o)"
},
{
"status": "affected",
"version": "3.2(3i)"
},
{
"status": "affected",
"version": "2.2(2j)"
},
{
"status": "affected",
"version": "1.1(1d)"
},
{
"status": "affected",
"version": "2.0(2n)"
},
{
"status": "affected",
"version": "2.2(3t)"
},
{
"status": "affected",
"version": "3.2(3n)"
},
{
"status": "affected",
"version": "1.1(4g)"
},
{
"status": "affected",
"version": "4.1(2x)"
},
{
"status": "affected",
"version": "3.2(5d)"
},
{
"status": "affected",
"version": "3.1(2o)"
},
{
"status": "affected",
"version": "1.2(2i)"
},
{
"status": "affected",
"version": "2.1(2f)"
},
{
"status": "affected",
"version": "1.3(2f)"
},
{
"status": "affected",
"version": "4.2(3q)"
},
{
"status": "affected",
"version": "4.1(1j)"
},
{
"status": "affected",
"version": "2.0(2f)"
},
{
"status": "affected",
"version": "2.3(1e)"
},
{
"status": "affected",
"version": "1.1(1s)"
},
{
"status": "affected",
"version": "3.1(2v)"
},
{
"status": "affected",
"version": "4.1(2w)"
},
{
"status": "affected",
"version": "1.1(4i)"
},
{
"status": "affected",
"version": "3.1(2u)"
},
{
"status": "affected",
"version": "1.1(4f)"
},
{
"status": "affected",
"version": "3.0(2m)"
},
{
"status": "affected",
"version": "2.0(1k)"
},
{
"status": "affected",
"version": "3.2(2o)"
},
{
"status": "affected",
"version": "3.2(3r)"
},
{
"status": "affected",
"version": "1.1(2i)"
},
{
"status": "affected",
"version": "4.0(2c)"
},
{
"status": "affected",
"version": "1.3(1i)"
},
{
"status": "affected",
"version": "4.1(2s)"
},
{
"status": "affected",
"version": "3.2(7f)"
},
{
"status": "affected",
"version": "1.2(3m)"
},
{
"status": "affected",
"version": "3.2(3o)"
},
{
"status": "affected",
"version": "3.1(2s)"
},
{
"status": "affected",
"version": "3.2(2l)"
},
{
"status": "affected",
"version": "4.2(1j)"
},
{
"status": "affected",
"version": "2.3(1p)"
},
{
"status": "affected",
"version": "2.1(4a)"
},
{
"status": "affected",
"version": "1.1(1n)"
},
{
"status": "affected",
"version": "2.2(1n)"
},
{
"status": "affected",
"version": "2.2(4p)"
},
{
"status": "affected",
"version": "2.1(3j)"
},
{
"status": "affected",
"version": "4.2(4i)"
},
{
"status": "affected",
"version": "3.2(9h)"
},
{
"status": "affected",
"version": "5.0(1k)"
},
{
"status": "affected",
"version": "4.2(4k)"
},
{
"status": "affected",
"version": "5.0(1l)"
},
{
"status": "affected",
"version": "5.0(2e)"
},
{
"status": "affected",
"version": "4.2(4o)"
},
{
"status": "affected",
"version": "4.2(4p)"
},
{
"status": "affected",
"version": "5.0(2h)"
},
{
"status": "affected",
"version": "4.2(5k)"
},
{
"status": "affected",
"version": "4.2(5l)"
},
{
"status": "affected",
"version": "4.2(5n)"
},
{
"status": "affected",
"version": "5.1(1h)"
},
{
"status": "affected",
"version": "4.2(6d)"
},
{
"status": "affected",
"version": "5.1(2e)"
},
{
"status": "affected",
"version": "4.2(6g)"
},
{
"status": "affected",
"version": "4.2(6h)"
},
{
"status": "affected",
"version": "5.1(3e)"
},
{
"status": "affected",
"version": "3.2(10e)"
},
{
"status": "affected",
"version": "4.2(6l)"
},
{
"status": "affected",
"version": "4.2(7f)"
},
{
"status": "affected",
"version": "5.1(4c)"
},
{
"status": "affected",
"version": "4.2(6o)"
},
{
"status": "affected",
"version": "5.2(1g)"
},
{
"status": "affected",
"version": "5.2(2e)"
},
{
"status": "affected",
"version": "4.2(7l)"
},
{
"status": "affected",
"version": "3.2(10f)"
},
{
"status": "affected",
"version": "5.2(2f)"
},
{
"status": "affected",
"version": "5.2(2g)"
},
{
"status": "affected",
"version": "4.2(7q)"
},
{
"status": "affected",
"version": "5.2(2h)"
},
{
"status": "affected",
"version": "5.2(3f)"
},
{
"status": "affected",
"version": "5.2(3e)"
},
{
"status": "affected",
"version": "5.2(3g)"
},
{
"status": "affected",
"version": "4.2(7r)"
},
{
"status": "affected",
"version": "4.2(7s)"
},
{
"status": "affected",
"version": "5.2(4d)"
},
{
"status": "affected",
"version": "5.2(4e)"
},
{
"status": "affected",
"version": "4.2(7t)"
},
{
"status": "affected",
"version": "5.2(5d)"
},
{
"status": "affected",
"version": "3.2(10g)"
},
{
"status": "affected",
"version": "5.2(5c)"
},
{
"status": "affected",
"version": "6.0(1g)"
},
{
"status": "affected",
"version": "4.2(7u)"
},
{
"status": "affected",
"version": "5.2(5e)"
},
{
"status": "affected",
"version": "5.2(4f)"
},
{
"status": "affected",
"version": "5.2(6e)"
},
{
"status": "affected",
"version": "6.0(1j)"
},
{
"status": "affected",
"version": "5.2(6g)"
},
{
"status": "affected",
"version": "5.2(7f)"
},
{
"status": "affected",
"version": "4.2(7v)"
},
{
"status": "affected",
"version": "5.2(7g)"
},
{
"status": "affected",
"version": "6.0(2h)"
},
{
"status": "affected",
"version": "4.2(7w)"
},
{
"status": "affected",
"version": "5.2(6h)"
},
{
"status": "affected",
"version": "5.2(4h)"
},
{
"status": "affected",
"version": "5.2(8d)"
},
{
"status": "affected",
"version": "6.0(2j)"
},
{
"status": "affected",
"version": "5.2(8e)"
},
{
"status": "affected",
"version": "6.0(3d)"
},
{
"status": "affected",
"version": "6.0(3e)"
},
{
"status": "affected",
"version": "5.2(8f)"
},
{
"status": "affected",
"version": "5.2(8g)"
},
{
"status": "affected",
"version": "5.3(1d)"
},
{
"status": "affected",
"version": "5.2(8h)"
},
{
"status": "affected",
"version": "6.0(4c)"
},
{
"status": "affected",
"version": "5.3(2a)"
},
{
"status": "affected",
"version": "5.2(8i)"
},
{
"status": "affected",
"version": "6.0(5h)"
},
{
"status": "affected",
"version": "5.3(2b)"
},
{
"status": "affected",
"version": "6.0(3g)"
},
{
"status": "affected",
"version": "6.0(5j)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the restricted security domain implementation of Cisco Application Policy Infrastructure Controller (APIC) could allow an authenticated, remote attacker to modify the behavior of default system policies, such as quality of service (QoS) policies, on an affected system.\u0026nbsp;This vulnerability is due to improper access control when restricted security domains are used to implement multi-tenancy. An attacker with a valid user account associated with a restricted security domain could exploit this vulnerability. A successful exploit could allow the attacker to read, modify, or delete child policies created under default system policies, which are implicitly used by all tenants in the fabric, resulting in disruption of network traffic. Exploitation is not possible for policies under tenants that an attacker has no authorization to access."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "Improper Access Control",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-28T16:19:08.343Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-apic-cousmo-uBpBYGbq",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apic-cousmo-uBpBYGbq"
}
],
"source": {
"advisory": "cisco-sa-apic-cousmo-uBpBYGbq",
"defects": [
"CSCwe67288"
],
"discovery": "INTERNAL"
},
"title": "Cisco Application Policy Infrastructure Controller Unauthorized Policy Actions Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2024-20279",
"datePublished": "2024-08-28T16:19:08.343Z",
"dateReserved": "2023-11-08T15:08:07.625Z",
"dateUpdated": "2024-08-28T17:54:51.419Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Loading...
Loading...
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.