Search criteria
3 vulnerabilities found for application_infrastructure_controller by cisco
FKIE_CVE-2016-1420
Vulnerability from fkie_nvd - Published: 2016-06-10 01:59 - Updated: 2025-04-12 10:46
Severity ?
Summary
The installation component on Cisco Application Policy Infrastructure Controller (APIC) devices with software before 1.3(2f) mishandles binary files, which allows local users to obtain root access via unspecified vectors, aka Bug ID CSCuz72347.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:application_infrastructure_controller:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E660D79C-0273-48AB-A8D9-CE9E5B29E9D8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:application_policy_infrastructure_controller_firmware:1.0\\(1e\\):*:*:*:*:*:*:*",
"matchCriteriaId": "139B6124-85F6-42E8-971A-DB856EF5AAC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:application_policy_infrastructure_controller_firmware:1.0\\(1h\\):*:*:*:*:*:*:*",
"matchCriteriaId": "FA151405-52B1-4083-93B2-3F5226103DF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:application_policy_infrastructure_controller_firmware:1.0\\(1k\\):*:*:*:*:*:*:*",
"matchCriteriaId": "F35AC2E8-3A51-4EC8-AE12-DC5487DEE407",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:application_policy_infrastructure_controller_firmware:1.0\\(1n\\):*:*:*:*:*:*:*",
"matchCriteriaId": "01DAF940-D3C7-4D17-8C82-C21186825FBE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:application_policy_infrastructure_controller_firmware:1.0\\(2j\\):*:*:*:*:*:*:*",
"matchCriteriaId": "5D63750F-DD3C-4A17-88FB-E4D3E2DB4605",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:application_policy_infrastructure_controller_firmware:1.0\\(2m\\):*:*:*:*:*:*:*",
"matchCriteriaId": "897EBF17-1CFB-4987-9924-212286BC2C65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:application_policy_infrastructure_controller_firmware:1.0\\(3f\\):*:*:*:*:*:*:*",
"matchCriteriaId": "A5003326-DB6A-4E26-AE5E-8330BFED8BFA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:application_policy_infrastructure_controller_firmware:1.0\\(3i\\):*:*:*:*:*:*:*",
"matchCriteriaId": "5E955E14-4343-41CC-BF40-4C72509CA960",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:application_policy_infrastructure_controller_firmware:1.0\\(3k\\):*:*:*:*:*:*:*",
"matchCriteriaId": "3750DA86-C98F-4893-8E55-A1315FD9A58A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:application_policy_infrastructure_controller_firmware:1.0\\(3n\\):*:*:*:*:*:*:*",
"matchCriteriaId": "540F030A-51DB-4406-A96A-0D355ECA38BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:application_policy_infrastructure_controller_firmware:1.0\\(4h\\):*:*:*:*:*:*:*",
"matchCriteriaId": "82636FE9-5B70-43DB-B6DE-1CAB249D3F3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:application_policy_infrastructure_controller_firmware:1.0\\(4o\\):*:*:*:*:*:*:*",
"matchCriteriaId": "AC741864-308B-4F54-9D48-84125DA0EEB3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:application_policy_infrastructure_controller_firmware:1.1\\(0.920a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "4DFCFD66-3A42-46A3-B8F4-BBEE722092BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:application_policy_infrastructure_controller_firmware:1.1\\(1j\\):*:*:*:*:*:*:*",
"matchCriteriaId": "0860BE70-2F40-42BF-90E7-BE8D80C207AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:application_policy_infrastructure_controller_firmware:1.1\\(3f\\):*:*:*:*:*:*:*",
"matchCriteriaId": "03DD4841-B371-48E3-BD1F-67A60644E6B1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The installation component on Cisco Application Policy Infrastructure Controller (APIC) devices with software before 1.3(2f) mishandles binary files, which allows local users to obtain root access via unspecified vectors, aka Bug ID CSCuz72347."
},
{
"lang": "es",
"value": "El componente de instalaci\u00f3n en dispositivos Cisco Application Policy Infrastructure Controller (APIC) con software en versiones anteriores a 1.3(2f) no maneja correctamente archivos binarios, lo que permite a usuarios locales obtener acceso root a trav\u00e9s de vectores no especificados, tambi\u00e9n conocido como Bug ID CSCuz72347."
}
],
"id": "CVE-2016-1420",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-06-10T01:59:05.037",
"references": [
{
"source": "psirt@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160609-apic"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160609-apic"
}
],
"sourceIdentifier": "psirt@cisco.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2016-1420 (GCVE-0-2016-1420)
Vulnerability from cvelistv5 – Published: 2016-06-10 01:00 – Updated: 2024-08-05 22:55
VLAI?
Summary
The installation component on Cisco Application Policy Infrastructure Controller (APIC) devices with software before 1.3(2f) mishandles binary files, which allows local users to obtain root access via unspecified vectors, aka Bug ID CSCuz72347.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T22:55:14.344Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20160609 Cisco Application Policy Infrastructure Controller Binary Files Privilege Escalation Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160609-apic"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-06-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The installation component on Cisco Application Policy Infrastructure Controller (APIC) devices with software before 1.3(2f) mishandles binary files, which allows local users to obtain root access via unspecified vectors, aka Bug ID CSCuz72347."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-06-10T01:57:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20160609 Cisco Application Policy Infrastructure Controller Binary Files Privilege Escalation Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160609-apic"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2016-1420",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The installation component on Cisco Application Policy Infrastructure Controller (APIC) devices with software before 1.3(2f) mishandles binary files, which allows local users to obtain root access via unspecified vectors, aka Bug ID CSCuz72347."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20160609 Cisco Application Policy Infrastructure Controller Binary Files Privilege Escalation Vulnerability",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160609-apic"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2016-1420",
"datePublished": "2016-06-10T01:00:00",
"dateReserved": "2016-01-04T00:00:00",
"dateUpdated": "2024-08-05T22:55:14.344Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-1420 (GCVE-0-2016-1420)
Vulnerability from nvd – Published: 2016-06-10 01:00 – Updated: 2024-08-05 22:55
VLAI?
Summary
The installation component on Cisco Application Policy Infrastructure Controller (APIC) devices with software before 1.3(2f) mishandles binary files, which allows local users to obtain root access via unspecified vectors, aka Bug ID CSCuz72347.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T22:55:14.344Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20160609 Cisco Application Policy Infrastructure Controller Binary Files Privilege Escalation Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160609-apic"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-06-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The installation component on Cisco Application Policy Infrastructure Controller (APIC) devices with software before 1.3(2f) mishandles binary files, which allows local users to obtain root access via unspecified vectors, aka Bug ID CSCuz72347."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-06-10T01:57:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20160609 Cisco Application Policy Infrastructure Controller Binary Files Privilege Escalation Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160609-apic"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2016-1420",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The installation component on Cisco Application Policy Infrastructure Controller (APIC) devices with software before 1.3(2f) mishandles binary files, which allows local users to obtain root access via unspecified vectors, aka Bug ID CSCuz72347."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20160609 Cisco Application Policy Infrastructure Controller Binary Files Privilege Escalation Vulnerability",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160609-apic"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2016-1420",
"datePublished": "2016-06-10T01:00:00",
"dateReserved": "2016-01-04T00:00:00",
"dateUpdated": "2024-08-05T22:55:14.344Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}