Action not permitted
Modal body text goes here.
ghsa-j3cr-gpf3-q8w2
Vulnerability from github
Published
2024-08-28 18:31
Modified
2024-08-28 18:31
Severity ?
Details
A vulnerability in the software upgrade component of Cisco Application Policy Infrastructure Controller (APIC) and Cisco Cloud Network Controller, formerly Cisco Cloud APIC, could allow an authenticated, remote attacker with Administrator-level privileges to install a modified software image, leading to arbitrary code injection on an affected system.
This vulnerability is due to insufficient signature validation of software images. An attacker could exploit this vulnerability by installing a modified software image. A successful exploit could allow the attacker to execute arbitrary code on the affected system and elevate their privileges to root. Note: Administrators should always validate the hash of any upgrade image before uploading it to Cisco APIC and Cisco Cloud Network Controller.
{
"affected": [],
"aliases": [
"CVE-2024-20478"
],
"database_specific": {
"cwe_ids": [
"CWE-250"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-08-28T17:15:10Z",
"severity": "MODERATE"
},
"details": "A vulnerability in the software upgrade component of Cisco Application Policy Infrastructure Controller (APIC) and Cisco\u0026nbsp;Cloud Network Controller, formerly Cisco Cloud APIC, could allow an authenticated, remote attacker with Administrator-level privileges to install a modified software image, leading to arbitrary code injection on an affected system.\n\nThis vulnerability is due to insufficient signature validation of software images. An attacker could exploit this vulnerability by installing a modified software image. A successful exploit could allow the attacker to execute arbitrary code on the affected system and elevate their privileges to root.\nNote: Administrators should always validate the hash of any upgrade image before uploading it to Cisco APIC and Cisco Cloud Network Controller.",
"id": "GHSA-j3cr-gpf3-q8w2",
"modified": "2024-08-28T18:31:54Z",
"published": "2024-08-28T18:31:54Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-20478"
},
{
"type": "WEB",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-capic-priv-esc-uYQJjnuU"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
"type": "CVSS_V3"
}
]
}
cve-2024-20478
Vulnerability from cvelistv5
Published
2024-08-28 16:30
Modified
2024-09-06 14:11
Severity ?
EPSS score ?
Summary
Cisco Application Policy Infrastructure Controller App Privilege Escalation Vulnerability
References
Impacted products
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.2\\(8d\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.2\\(1o\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:1.2\\(2h\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.2\\(2i\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:1.2\\(1k\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.2\\(1k\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.1\\(2m\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.2\\(1m\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.2\\(5e\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.1\\(2m\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.2\\(41d\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:1.1\\(1o\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:1.2\\(1m\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:1.2\\(2j\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.2\\(4r\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.2\\(3j\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:1.1\\(3f\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.2\\(2f\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:1.1\\(4m\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.2\\(2k\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.1\\(1i\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.0\\(1p\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.1\\(2p\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.2\\(3s\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.0\\(3c\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:1.1\\(4e\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.1\\(1k\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.2\\(4f\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.1\\(3h\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.2\\(4d\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.0\\(1n\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.0\\(1m\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.0\\(1r\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.1\\(2e\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\\(2e\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\\(3j\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\\(3n\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.0\\(1l\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.2\\(2e\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.2\\(3r\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.0\\(2k\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.1\\(3g\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.0\\(1h\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.0\\(1o\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.2\\(3p\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:1.2\\(3e\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.2\\(3s\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.0\\(2g\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.1\\(1l\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.2\\(9f\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\\(3l\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\\(2g\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:1.2\\(3c\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.2\\(7k\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:1.3\\(2h\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.2\\(9b\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:1.3\\(2k\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.1\\(2t\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:1.1\\(2h\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.2\\(3j\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.1\\(2k\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.3\\(1f\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:1.2\\(3h\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.0\\(1i\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.1\\(2u\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\\(1l\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.1\\(1a\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.0\\(3d\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:1.1\\(4l\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.3\\(1i\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.1\\(2q\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.2\\(4e\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.1\\(1i\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.1\\(1i\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.0\\(2m\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.0\\(2h\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.2\\(2q\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.3\\(1l\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:1.3\\(1h\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.0\\(2n\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.2\\(5f\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:1.2\\(1h\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.2\\(1l\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\\(1i\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.1\\(2o\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:1.2\\(1i\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:1.3\\(1j\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.1\\(1h\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.0\\(2l\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.0\\(2h\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:1.2\\(2g\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.0\\(1k\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\\(1g\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.1\\(2g\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.0\\(1q\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:1.1\\(1j\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.1\\(2g\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:1.1\\(1r\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\\(2f\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.2\\(6i\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:1.3\\(1g\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:1.3\\(2j\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:1.3\\(2i\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.0\\(2o\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.2\\(4q\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.3\\(1o\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.2\\(3i\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.2\\(2j\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:1.1\\(1d\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.0\\(2n\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.2\\(3t\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.2\\(3n\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:1.1\\(4g\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.1\\(2x\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.2\\(5d\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.1\\(2o\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:1.2\\(2i\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.1\\(2f\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:1.3\\(2f\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\\(3q\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.1\\(1j\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.0\\(2f\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.3\\(1e\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:1.1\\(1s\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.1\\(2v\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.1\\(2w\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:1.1\\(4i\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.1\\(2u\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:1.1\\(4f\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.0\\(2m\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.0\\(1k\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.2\\(2o\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.2\\(3r\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:1.1\\(2i\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.0\\(2c\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:1.3\\(1i\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.1\\(2s\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.2\\(7f\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:1.2\\(3m\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.2\\(3o\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.1\\(2s\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.2\\(2l\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\\(1j\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.3\\(1p\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.1\\(4a\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:1.1\\(1n\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.2\\(1n\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.2\\(4p\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.1\\(3j\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\\(4i\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.2\\(9h\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.0\\(1k\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\\(4k\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.0\\(1l\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.0\\(2e\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\\(4o\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\\(4p\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.0\\(2h\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\\(5k\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\\(5l\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\\(5n\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.1\\(1h\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\\(6d\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.1\\(2e\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\\(6g\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\\(6h\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.1\\(3e\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.2\\(10e\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\\(6l\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\\(7f\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.1\\(4c\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\\(6o\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.2\\(1g\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.2\\(2e\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\\(7l\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.2\\(10f\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.2\\(2f\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.2\\(2g\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\\(7q\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.2\\(2h\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.2\\(3f\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.2\\(3e\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.2\\(3g\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\\(7r\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\\(7s\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.2\\(4d\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.2\\(4e\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\\(7t\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.2\\(5d\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.2\\(10g\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.2\\(5c\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:6.0\\(1g\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\\(7u\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.2\\(5e\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.2\\(4f\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.2\\(6e\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:6.0\\(1j\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.2\\(6g\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.2\\(7f\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\\(7v\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.2\\(7g\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:6.0\\(2h\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\\(7w\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.2\\(6h\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.2\\(4h\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.2\\(8d\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:6.0\\(2j\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.2\\(8e\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:6.0\\(3d\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:6.0\\(3e\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.2\\(8f\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.2\\(8g\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.3\\(1d\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.2\\(8h\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:6.0\\(4c\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.3\\(2a\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.2\\(8i\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:6.0\\(5h\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.3\\(2b\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:6.0\\(3g\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:6.0\\(5j\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.3\\(2c\\):*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "application_policy_infrastructure_controller",
"vendor": "cisco",
"versions": [
{
"status": "affected",
"version": "3.2\\(8d\\)"
},
{
"status": "affected",
"version": "2.2\\(1o\\)"
},
{
"status": "affected",
"version": "1.2\\(2h\\)"
},
{
"status": "affected",
"version": "2.2\\(2i\\)"
},
{
"status": "affected",
"version": "1.2\\(1k\\)"
},
{
"status": "affected",
"version": "2.2\\(1k\\)"
},
{
"status": "affected",
"version": "3.1\\(2m\\)"
},
{
"status": "affected",
"version": "3.2\\(1m\\)"
},
{
"status": "affected",
"version": "3.2\\(5e\\)"
},
{
"status": "affected",
"version": "4.1\\(2m\\)"
},
{
"status": "affected",
"version": "3.2\\(41d\\)"
},
{
"status": "affected",
"version": "1.1\\(1o\\)"
},
{
"status": "affected",
"version": "1.2\\(1m\\)"
},
{
"status": "affected",
"version": "1.2\\(2j\\)"
},
{
"status": "affected",
"version": "2.2\\(4r\\)"
},
{
"status": "affected",
"version": "2.2\\(3j\\)"
},
{
"status": "affected",
"version": "1.1\\(3f\\)"
},
{
"status": "affected",
"version": "2.2\\(2f\\)"
},
{
"status": "affected",
"version": "1.1\\(4m\\)"
},
{
"status": "affected",
"version": "2.2\\(2k\\)"
},
{
"status": "affected",
"version": "2.1\\(1i\\)"
},
{
"status": "affected",
"version": "2.0\\(1p\\)"
},
{
"status": "affected",
"version": "3.1\\(2p\\)"
},
{
"status": "affected",
"version": "3.2\\(3s\\)"
},
{
"status": "affected",
"version": "4.0\\(3c\\)"
},
{
"status": "affected",
"version": "1.1\\(4e\\)"
},
{
"status": "affected",
"version": "4.1\\(1k\\)"
},
{
"status": "affected",
"version": "2.2\\(4f\\)"
},
{
"status": "affected",
"version": "2.1\\(3h\\)"
},
{
"status": "affected",
"version": "3.2\\(4d\\)"
},
{
"status": "affected",
"version": "2.0\\(1n\\)"
},
{
"status": "affected",
"version": "2.0\\(1m\\)"
},
{
"status": "affected",
"version": "2.0\\(1r\\)"
},
{
"status": "affected",
"version": "2.1\\(2e\\)"
},
{
"status": "affected",
"version": "4.2\\(2e\\)"
},
{
"status": "affected",
"version": "4.2\\(3j\\)"
},
{
"status": "affected",
"version": "4.2\\(3n\\)"
},
{
"status": "affected",
"version": "2.0\\(1l\\)"
},
{
"status": "affected",
"version": "2.2\\(2e\\)"
},
{
"status": "affected",
"version": "2.2\\(3r\\)"
},
{
"status": "affected",
"version": "3.0\\(2k\\)"
},
{
"status": "affected",
"version": "2.1\\(3g\\)"
},
{
"status": "affected",
"version": "4.0\\(1h\\)"
},
{
"status": "affected",
"version": "2.0\\(1o\\)"
},
{
"status": "affected",
"version": "2.2\\(3p\\)"
},
{
"status": "affected",
"version": "1.2\\(3e\\)"
},
{
"status": "affected",
"version": "2.2\\(3s\\)"
},
{
"status": "affected",
"version": "2.0\\(2g\\)"
},
{
"status": "affected",
"version": "4.1\\(1l\\)"
},
{
"status": "affected",
"version": "3.2\\(9f\\)"
},
{
"status": "affected",
"version": "4.2\\(3l\\)"
},
{
"status": "affected",
"version": "4.2\\(2g\\)"
},
{
"status": "affected",
"version": "1.2\\(3c\\)"
},
{
"status": "affected",
"version": "3.2\\(7k\\)"
},
{
"status": "affected",
"version": "1.3\\(2h\\)"
},
{
"status": "affected",
"version": "3.2\\(9b\\)"
},
{
"status": "affected",
"version": "1.3\\(2k\\)"
},
{
"status": "affected",
"version": "3.1\\(2t\\)"
},
{
"status": "affected",
"version": "1.1\\(2h\\)"
},
{
"status": "affected",
"version": "3.2\\(3j\\)"
},
{
"status": "affected",
"version": "2.1\\(2k\\)"
},
{
"status": "affected",
"version": "2.3\\(1f\\)"
},
{
"status": "affected",
"version": "1.2\\(3h\\)"
},
{
"status": "affected",
"version": "3.0\\(1i\\)"
},
{
"status": "affected",
"version": "4.1\\(2u\\)"
},
{
"status": "affected",
"version": "4.2\\(1l\\)"
},
{
"status": "affected",
"version": "4.1\\(1a\\)"
},
{
"status": "affected",
"version": "4.0\\(3d\\)"
},
{
"status": "affected",
"version": "1.1\\(4l\\)"
},
{
"status": "affected",
"version": "2.3\\(1i\\)"
},
{
"status": "affected",
"version": "3.1\\(2q\\)"
},
{
"status": "affected",
"version": "3.2\\(4e\\)"
},
{
"status": "affected",
"version": "4.1\\(1i\\)"
},
{
"status": "affected",
"version": "3.1\\(1i\\)"
},
{
"status": "affected",
"version": "2.0\\(2m\\)"
},
{
"status": "affected",
"version": "3.0\\(2h\\)"
},
{
"status": "affected",
"version": "2.2\\(2q\\)"
},
{
"status": "affected",
"version": "2.3\\(1l\\)"
},
{
"status": "affected",
"version": "1.3\\(1h\\)"
},
{
"status": "affected",
"version": "3.0\\(2n\\)"
},
{
"status": "affected",
"version": "3.2\\(5f\\)"
},
{
"status": "affected",
"version": "1.2\\(1h\\)"
},
{
"status": "affected",
"version": "3.2\\(1l\\)"
},
{
"status": "affected",
"version": "4.2\\(1i\\)"
},
{
"status": "affected",
"version": "4.1\\(2o\\)"
},
{
"status": "affected",
"version": "1.2\\(1i\\)"
},
{
"status": "affected",
"version": "1.3\\(1j\\)"
},
{
"status": "affected",
"version": "2.1\\(1h\\)"
},
{
"status": "affected",
"version": "2.0\\(2l\\)"
},
{
"status": "affected",
"version": "2.0\\(2h\\)"
},
{
"status": "affected",
"version": "1.2\\(2g\\)"
},
{
"status": "affected",
"version": "3.0\\(1k\\)"
},
{
"status": "affected",
"version": "4.2\\(1g\\)"
},
{
"status": "affected",
"version": "2.1\\(2g\\)"
},
{
"status": "affected",
"version": "2.0\\(1q\\)"
},
{
"status": "affected",
"version": "1.1\\(1j\\)"
},
{
"status": "affected",
"version": "4.1\\(2g\\)"
},
{
"status": "affected",
"version": "1.1\\(1r\\)"
},
{
"status": "affected",
"version": "4.2\\(2f\\)"
},
{
"status": "affected",
"version": "3.2\\(6i\\)"
},
{
"status": "affected",
"version": "1.3\\(1g\\)"
},
{
"status": "affected",
"version": "1.3\\(2j\\)"
},
{
"status": "affected",
"version": "1.3\\(2i\\)"
},
{
"status": "affected",
"version": "2.0\\(2o\\)"
},
{
"status": "affected",
"version": "2.2\\(4q\\)"
},
{
"status": "affected",
"version": "2.3\\(1o\\)"
},
{
"status": "affected",
"version": "3.2\\(3i\\)"
},
{
"status": "affected",
"version": "2.2\\(2j\\)"
},
{
"status": "affected",
"version": "1.1\\(1d\\)"
},
{
"status": "affected",
"version": "2.0\\(2n\\)"
},
{
"status": "affected",
"version": "2.2\\(3t\\)"
},
{
"status": "affected",
"version": "3.2\\(3n\\)"
},
{
"status": "affected",
"version": "1.1\\(4g\\)"
},
{
"status": "affected",
"version": "4.1\\(2x\\)"
},
{
"status": "affected",
"version": "3.2\\(5d\\)"
},
{
"status": "affected",
"version": "3.1\\(2o\\)"
},
{
"status": "affected",
"version": "1.2\\(2i\\)"
},
{
"status": "affected",
"version": "2.1\\(2f\\)"
},
{
"status": "affected",
"version": "1.3\\(2f\\)"
},
{
"status": "affected",
"version": "4.2\\(3q\\)"
},
{
"status": "affected",
"version": "4.1\\(1j\\)"
},
{
"status": "affected",
"version": "2.0\\(2f\\)"
},
{
"status": "affected",
"version": "2.3\\(1e\\)"
},
{
"status": "affected",
"version": "1.1\\(1s\\)"
},
{
"status": "affected",
"version": "3.1\\(2v\\)"
},
{
"status": "affected",
"version": "4.1\\(2w\\)"
},
{
"status": "affected",
"version": "1.1\\(4i\\)"
},
{
"status": "affected",
"version": "3.1\\(2u\\)"
},
{
"status": "affected",
"version": "1.1\\(4f\\)"
},
{
"status": "affected",
"version": "3.0\\(2m\\)"
},
{
"status": "affected",
"version": "2.0\\(1k\\)"
},
{
"status": "affected",
"version": "3.2\\(2o\\)"
},
{
"status": "affected",
"version": "3.2\\(3r\\)"
},
{
"status": "affected",
"version": "1.1\\(2i\\)"
},
{
"status": "affected",
"version": "4.0\\(2c\\)"
},
{
"status": "affected",
"version": "1.3\\(1i\\)"
},
{
"status": "affected",
"version": "4.1\\(2s\\)"
},
{
"status": "affected",
"version": "3.2\\(7f\\)"
},
{
"status": "affected",
"version": "1.2\\(3m\\)"
},
{
"status": "affected",
"version": "3.2\\(3o\\)"
},
{
"status": "affected",
"version": "3.1\\(2s\\)"
},
{
"status": "affected",
"version": "3.2\\(2l\\)"
},
{
"status": "affected",
"version": "4.2\\(1j\\)"
},
{
"status": "affected",
"version": "2.3\\(1p\\)"
},
{
"status": "affected",
"version": "2.1\\(4a\\)"
},
{
"status": "affected",
"version": "1.1\\(1n\\)"
},
{
"status": "affected",
"version": "2.2\\(1n\\)"
},
{
"status": "affected",
"version": "2.2\\(4p\\)"
},
{
"status": "affected",
"version": "2.1\\(3j\\)"
},
{
"status": "affected",
"version": "4.2\\(4i\\)"
},
{
"status": "affected",
"version": "3.2\\(9h\\)"
},
{
"status": "affected",
"version": "5.0\\(1k\\)"
},
{
"status": "affected",
"version": "4.2\\(4k\\)"
},
{
"status": "affected",
"version": "5.0\\(1l\\)"
},
{
"status": "affected",
"version": "5.0\\(2e\\)"
},
{
"status": "affected",
"version": "4.2\\(4o\\)"
},
{
"status": "affected",
"version": "4.2\\(4p\\)"
},
{
"status": "affected",
"version": "5.0\\(2h\\)"
},
{
"status": "affected",
"version": "4.2\\(5k\\)"
},
{
"status": "affected",
"version": "4.2\\(5l\\)"
},
{
"status": "affected",
"version": "4.2\\(5n\\)"
},
{
"status": "affected",
"version": "5.1\\(1h\\)"
},
{
"status": "affected",
"version": "4.2\\(6d\\)"
},
{
"status": "affected",
"version": "5.1\\(2e\\)"
},
{
"status": "affected",
"version": "4.2\\(6g\\)"
},
{
"status": "affected",
"version": "4.2\\(6h\\)"
},
{
"status": "affected",
"version": "5.1\\(3e\\)"
},
{
"status": "affected",
"version": "3.2\\(10e\\)"
},
{
"status": "affected",
"version": "4.2\\(6l\\)"
},
{
"status": "affected",
"version": "4.2\\(7f\\)"
},
{
"status": "affected",
"version": "5.1\\(4c\\)"
},
{
"status": "affected",
"version": "4.2\\(6o\\)"
},
{
"status": "affected",
"version": "5.2\\(1g\\)"
},
{
"status": "affected",
"version": "5.2\\(2e\\)"
},
{
"status": "affected",
"version": "4.2\\(7l\\)"
},
{
"status": "affected",
"version": "3.2\\(10f\\)"
},
{
"status": "affected",
"version": "5.2\\(2f\\)"
},
{
"status": "affected",
"version": "5.2\\(2g\\)"
},
{
"status": "affected",
"version": "4.2\\(7q\\)"
},
{
"status": "affected",
"version": "5.2\\(2h\\)"
},
{
"status": "affected",
"version": "5.2\\(3f\\)"
},
{
"status": "affected",
"version": "5.2\\(3e\\)"
},
{
"status": "affected",
"version": "5.2\\(3g\\)"
},
{
"status": "affected",
"version": "4.2\\(7r\\)"
},
{
"status": "affected",
"version": "4.2\\(7s\\)"
},
{
"status": "affected",
"version": "5.2\\(4d\\)"
},
{
"status": "affected",
"version": "5.2\\(4e\\)"
},
{
"status": "affected",
"version": "4.2\\(7t\\)"
},
{
"status": "affected",
"version": "5.2\\(5d\\)"
},
{
"status": "affected",
"version": "3.2\\(10g\\)"
},
{
"status": "affected",
"version": "5.2\\(5c\\)"
},
{
"status": "affected",
"version": "6.0\\(1g\\)"
},
{
"status": "affected",
"version": "4.2\\(7u\\)"
},
{
"status": "affected",
"version": "5.2\\(5e\\)"
},
{
"status": "affected",
"version": "5.2\\(4f\\)"
},
{
"status": "affected",
"version": "5.2\\(6e\\)"
},
{
"status": "affected",
"version": "6.0\\(1j\\)"
},
{
"status": "affected",
"version": "5.2\\(6g\\)"
},
{
"status": "affected",
"version": "5.2\\(7f\\)"
},
{
"status": "affected",
"version": "4.2\\(7v\\)"
},
{
"status": "affected",
"version": "5.2\\(7g\\)"
},
{
"status": "affected",
"version": "6.0\\(2h\\)"
},
{
"status": "affected",
"version": "4.2\\(7w\\)"
},
{
"status": "affected",
"version": "5.2\\(6h\\)"
},
{
"status": "affected",
"version": "5.2\\(4h\\)"
},
{
"status": "affected",
"version": "5.2\\(8d\\)"
},
{
"status": "affected",
"version": "6.0\\(2j\\)"
},
{
"status": "affected",
"version": "5.2\\(8e\\)"
},
{
"status": "affected",
"version": "6.0\\(3d\\)"
},
{
"status": "affected",
"version": "6.0\\(3e\\)"
},
{
"status": "affected",
"version": "5.2\\(8f\\)"
},
{
"status": "affected",
"version": "5.2\\(8g\\)"
},
{
"status": "affected",
"version": "5.3\\(1d\\)"
},
{
"status": "affected",
"version": "5.2\\(8h\\)"
},
{
"status": "affected",
"version": "6.0\\(4c\\)"
},
{
"status": "affected",
"version": "5.3\\(2a\\)"
},
{
"status": "affected",
"version": "5.2\\(8i\\)"
},
{
"status": "affected",
"version": "6.0\\(5h\\)"
},
{
"status": "affected",
"version": "5.3\\(2b\\)"
},
{
"status": "affected",
"version": "6.0\\(3g\\)"
},
{
"status": "affected",
"version": "6.0\\(5j\\)"
},
{
"status": "affected",
"version": "5.3\\(2c\\)"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-20478",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-30T03:56:06.255702Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-06T14:11:08.951Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco Application Policy Infrastructure Controller (APIC)",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "3.2(8d)"
},
{
"status": "affected",
"version": "2.2(1o)"
},
{
"status": "affected",
"version": "1.2(2h)"
},
{
"status": "affected",
"version": "2.2(2i)"
},
{
"status": "affected",
"version": "1.2(1k)"
},
{
"status": "affected",
"version": "2.2(1k)"
},
{
"status": "affected",
"version": "3.1(2m)"
},
{
"status": "affected",
"version": "3.2(1m)"
},
{
"status": "affected",
"version": "3.2(5e)"
},
{
"status": "affected",
"version": "4.1(2m)"
},
{
"status": "affected",
"version": "3.2(41d)"
},
{
"status": "affected",
"version": "1.1(1o)"
},
{
"status": "affected",
"version": "1.2(1m)"
},
{
"status": "affected",
"version": "1.2(2j)"
},
{
"status": "affected",
"version": "2.2(4r)"
},
{
"status": "affected",
"version": "2.2(3j)"
},
{
"status": "affected",
"version": "1.1(3f)"
},
{
"status": "affected",
"version": "2.2(2f)"
},
{
"status": "affected",
"version": "1.1(4m)"
},
{
"status": "affected",
"version": "2.2(2k)"
},
{
"status": "affected",
"version": "2.1(1i)"
},
{
"status": "affected",
"version": "2.0(1p)"
},
{
"status": "affected",
"version": "3.1(2p)"
},
{
"status": "affected",
"version": "3.2(3s)"
},
{
"status": "affected",
"version": "4.0(3c)"
},
{
"status": "affected",
"version": "1.1(4e)"
},
{
"status": "affected",
"version": "4.1(1k)"
},
{
"status": "affected",
"version": "2.2(4f)"
},
{
"status": "affected",
"version": "2.1(3h)"
},
{
"status": "affected",
"version": "3.2(4d)"
},
{
"status": "affected",
"version": "2.0(1n)"
},
{
"status": "affected",
"version": "2.0(1m)"
},
{
"status": "affected",
"version": "2.0(1r)"
},
{
"status": "affected",
"version": "2.1(2e)"
},
{
"status": "affected",
"version": "4.2(2e)"
},
{
"status": "affected",
"version": "4.2(3j)"
},
{
"status": "affected",
"version": "4.2(3n)"
},
{
"status": "affected",
"version": "2.0(1l)"
},
{
"status": "affected",
"version": "2.2(2e)"
},
{
"status": "affected",
"version": "2.2(3r)"
},
{
"status": "affected",
"version": "3.0(2k)"
},
{
"status": "affected",
"version": "2.1(3g)"
},
{
"status": "affected",
"version": "4.0(1h)"
},
{
"status": "affected",
"version": "2.0(1o)"
},
{
"status": "affected",
"version": "2.2(3p)"
},
{
"status": "affected",
"version": "1.2(3e)"
},
{
"status": "affected",
"version": "2.2(3s)"
},
{
"status": "affected",
"version": "2.0(2g)"
},
{
"status": "affected",
"version": "4.1(1l)"
},
{
"status": "affected",
"version": "3.2(9f)"
},
{
"status": "affected",
"version": "4.2(3l)"
},
{
"status": "affected",
"version": "4.2(2g)"
},
{
"status": "affected",
"version": "1.2(3c)"
},
{
"status": "affected",
"version": "3.2(7k)"
},
{
"status": "affected",
"version": "1.3(2h)"
},
{
"status": "affected",
"version": "3.2(9b)"
},
{
"status": "affected",
"version": "1.3(2k)"
},
{
"status": "affected",
"version": "3.1(2t)"
},
{
"status": "affected",
"version": "1.1(2h)"
},
{
"status": "affected",
"version": "3.2(3j)"
},
{
"status": "affected",
"version": "2.1(2k)"
},
{
"status": "affected",
"version": "2.3(1f)"
},
{
"status": "affected",
"version": "1.2(3h)"
},
{
"status": "affected",
"version": "3.0(1i)"
},
{
"status": "affected",
"version": "4.1(2u)"
},
{
"status": "affected",
"version": "4.2(1l)"
},
{
"status": "affected",
"version": "4.1(1a)"
},
{
"status": "affected",
"version": "4.0(3d)"
},
{
"status": "affected",
"version": "1.1(4l)"
},
{
"status": "affected",
"version": "2.3(1i)"
},
{
"status": "affected",
"version": "3.1(2q)"
},
{
"status": "affected",
"version": "3.2(4e)"
},
{
"status": "affected",
"version": "4.1(1i)"
},
{
"status": "affected",
"version": "3.1(1i)"
},
{
"status": "affected",
"version": "2.0(2m)"
},
{
"status": "affected",
"version": "3.0(2h)"
},
{
"status": "affected",
"version": "2.2(2q)"
},
{
"status": "affected",
"version": "2.3(1l)"
},
{
"status": "affected",
"version": "1.3(1h)"
},
{
"status": "affected",
"version": "3.0(2n)"
},
{
"status": "affected",
"version": "3.2(5f)"
},
{
"status": "affected",
"version": "1.2(1h)"
},
{
"status": "affected",
"version": "3.2(1l)"
},
{
"status": "affected",
"version": "4.2(1i)"
},
{
"status": "affected",
"version": "4.1(2o)"
},
{
"status": "affected",
"version": "1.2(1i)"
},
{
"status": "affected",
"version": "1.3(1j)"
},
{
"status": "affected",
"version": "2.1(1h)"
},
{
"status": "affected",
"version": "2.0(2l)"
},
{
"status": "affected",
"version": "2.0(2h)"
},
{
"status": "affected",
"version": "1.2(2g)"
},
{
"status": "affected",
"version": "3.0(1k)"
},
{
"status": "affected",
"version": "4.2(1g)"
},
{
"status": "affected",
"version": "2.1(2g)"
},
{
"status": "affected",
"version": "2.0(1q)"
},
{
"status": "affected",
"version": "1.1(1j)"
},
{
"status": "affected",
"version": "4.1(2g)"
},
{
"status": "affected",
"version": "1.1(1r)"
},
{
"status": "affected",
"version": "4.2(2f)"
},
{
"status": "affected",
"version": "3.2(6i)"
},
{
"status": "affected",
"version": "1.3(1g)"
},
{
"status": "affected",
"version": "1.3(2j)"
},
{
"status": "affected",
"version": "1.3(2i)"
},
{
"status": "affected",
"version": "2.0(2o)"
},
{
"status": "affected",
"version": "2.2(4q)"
},
{
"status": "affected",
"version": "2.3(1o)"
},
{
"status": "affected",
"version": "3.2(3i)"
},
{
"status": "affected",
"version": "2.2(2j)"
},
{
"status": "affected",
"version": "1.1(1d)"
},
{
"status": "affected",
"version": "2.0(2n)"
},
{
"status": "affected",
"version": "2.2(3t)"
},
{
"status": "affected",
"version": "3.2(3n)"
},
{
"status": "affected",
"version": "1.1(4g)"
},
{
"status": "affected",
"version": "4.1(2x)"
},
{
"status": "affected",
"version": "3.2(5d)"
},
{
"status": "affected",
"version": "3.1(2o)"
},
{
"status": "affected",
"version": "1.2(2i)"
},
{
"status": "affected",
"version": "2.1(2f)"
},
{
"status": "affected",
"version": "1.3(2f)"
},
{
"status": "affected",
"version": "4.2(3q)"
},
{
"status": "affected",
"version": "4.1(1j)"
},
{
"status": "affected",
"version": "2.0(2f)"
},
{
"status": "affected",
"version": "2.3(1e)"
},
{
"status": "affected",
"version": "1.1(1s)"
},
{
"status": "affected",
"version": "3.1(2v)"
},
{
"status": "affected",
"version": "4.1(2w)"
},
{
"status": "affected",
"version": "1.1(4i)"
},
{
"status": "affected",
"version": "3.1(2u)"
},
{
"status": "affected",
"version": "1.1(4f)"
},
{
"status": "affected",
"version": "3.0(2m)"
},
{
"status": "affected",
"version": "2.0(1k)"
},
{
"status": "affected",
"version": "3.2(2o)"
},
{
"status": "affected",
"version": "3.2(3r)"
},
{
"status": "affected",
"version": "1.1(2i)"
},
{
"status": "affected",
"version": "4.0(2c)"
},
{
"status": "affected",
"version": "1.3(1i)"
},
{
"status": "affected",
"version": "4.1(2s)"
},
{
"status": "affected",
"version": "3.2(7f)"
},
{
"status": "affected",
"version": "1.2(3m)"
},
{
"status": "affected",
"version": "3.2(3o)"
},
{
"status": "affected",
"version": "3.1(2s)"
},
{
"status": "affected",
"version": "3.2(2l)"
},
{
"status": "affected",
"version": "4.2(1j)"
},
{
"status": "affected",
"version": "2.3(1p)"
},
{
"status": "affected",
"version": "2.1(4a)"
},
{
"status": "affected",
"version": "1.1(1n)"
},
{
"status": "affected",
"version": "2.2(1n)"
},
{
"status": "affected",
"version": "2.2(4p)"
},
{
"status": "affected",
"version": "2.1(3j)"
},
{
"status": "affected",
"version": "4.2(4i)"
},
{
"status": "affected",
"version": "3.2(9h)"
},
{
"status": "affected",
"version": "5.0(1k)"
},
{
"status": "affected",
"version": "4.2(4k)"
},
{
"status": "affected",
"version": "5.0(1l)"
},
{
"status": "affected",
"version": "5.0(2e)"
},
{
"status": "affected",
"version": "4.2(4o)"
},
{
"status": "affected",
"version": "4.2(4p)"
},
{
"status": "affected",
"version": "5.0(2h)"
},
{
"status": "affected",
"version": "4.2(5k)"
},
{
"status": "affected",
"version": "4.2(5l)"
},
{
"status": "affected",
"version": "4.2(5n)"
},
{
"status": "affected",
"version": "5.1(1h)"
},
{
"status": "affected",
"version": "4.2(6d)"
},
{
"status": "affected",
"version": "5.1(2e)"
},
{
"status": "affected",
"version": "4.2(6g)"
},
{
"status": "affected",
"version": "4.2(6h)"
},
{
"status": "affected",
"version": "5.1(3e)"
},
{
"status": "affected",
"version": "3.2(10e)"
},
{
"status": "affected",
"version": "4.2(6l)"
},
{
"status": "affected",
"version": "4.2(7f)"
},
{
"status": "affected",
"version": "5.1(4c)"
},
{
"status": "affected",
"version": "4.2(6o)"
},
{
"status": "affected",
"version": "5.2(1g)"
},
{
"status": "affected",
"version": "5.2(2e)"
},
{
"status": "affected",
"version": "4.2(7l)"
},
{
"status": "affected",
"version": "3.2(10f)"
},
{
"status": "affected",
"version": "5.2(2f)"
},
{
"status": "affected",
"version": "5.2(2g)"
},
{
"status": "affected",
"version": "4.2(7q)"
},
{
"status": "affected",
"version": "5.2(2h)"
},
{
"status": "affected",
"version": "5.2(3f)"
},
{
"status": "affected",
"version": "5.2(3e)"
},
{
"status": "affected",
"version": "5.2(3g)"
},
{
"status": "affected",
"version": "4.2(7r)"
},
{
"status": "affected",
"version": "4.2(7s)"
},
{
"status": "affected",
"version": "5.2(4d)"
},
{
"status": "affected",
"version": "5.2(4e)"
},
{
"status": "affected",
"version": "4.2(7t)"
},
{
"status": "affected",
"version": "5.2(5d)"
},
{
"status": "affected",
"version": "3.2(10g)"
},
{
"status": "affected",
"version": "5.2(5c)"
},
{
"status": "affected",
"version": "6.0(1g)"
},
{
"status": "affected",
"version": "4.2(7u)"
},
{
"status": "affected",
"version": "5.2(5e)"
},
{
"status": "affected",
"version": "5.2(4f)"
},
{
"status": "affected",
"version": "5.2(6e)"
},
{
"status": "affected",
"version": "6.0(1j)"
},
{
"status": "affected",
"version": "5.2(6g)"
},
{
"status": "affected",
"version": "5.2(7f)"
},
{
"status": "affected",
"version": "4.2(7v)"
},
{
"status": "affected",
"version": "5.2(7g)"
},
{
"status": "affected",
"version": "6.0(2h)"
},
{
"status": "affected",
"version": "4.2(7w)"
},
{
"status": "affected",
"version": "5.2(6h)"
},
{
"status": "affected",
"version": "5.2(4h)"
},
{
"status": "affected",
"version": "5.2(8d)"
},
{
"status": "affected",
"version": "6.0(2j)"
},
{
"status": "affected",
"version": "5.2(8e)"
},
{
"status": "affected",
"version": "6.0(3d)"
},
{
"status": "affected",
"version": "6.0(3e)"
},
{
"status": "affected",
"version": "5.2(8f)"
},
{
"status": "affected",
"version": "5.2(8g)"
},
{
"status": "affected",
"version": "5.3(1d)"
},
{
"status": "affected",
"version": "5.2(8h)"
},
{
"status": "affected",
"version": "6.0(4c)"
},
{
"status": "affected",
"version": "5.3(2a)"
},
{
"status": "affected",
"version": "5.2(8i)"
},
{
"status": "affected",
"version": "6.0(5h)"
},
{
"status": "affected",
"version": "5.3(2b)"
},
{
"status": "affected",
"version": "6.0(3g)"
},
{
"status": "affected",
"version": "6.0(5j)"
},
{
"status": "affected",
"version": "5.3(2c)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the software upgrade component of Cisco Application Policy Infrastructure Controller (APIC) and Cisco\u0026nbsp;Cloud Network Controller, formerly Cisco Cloud APIC, could allow an authenticated, remote attacker with Administrator-level privileges to install a modified software image, leading to arbitrary code injection on an affected system.\r\n\r\nThis vulnerability is due to insufficient signature validation of software images. An attacker could exploit this vulnerability by installing a modified software image. A successful exploit could allow the attacker to execute arbitrary code on the affected system and elevate their privileges to root.\r\nNote: Administrators should always validate the hash of any upgrade image before uploading it to Cisco APIC and Cisco Cloud Network Controller."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-250",
"description": "Execution with Unnecessary Privileges",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-28T16:30:07.175Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-capic-priv-esc-uYQJjnuU",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-capic-priv-esc-uYQJjnuU"
}
],
"source": {
"advisory": "cisco-sa-capic-priv-esc-uYQJjnuU",
"defects": [
"CSCwj32072"
],
"discovery": "INTERNAL"
},
"title": "Cisco Application Policy Infrastructure Controller App Privilege Escalation Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2024-20478",
"datePublished": "2024-08-28T16:30:07.175Z",
"dateReserved": "2023-11-08T15:08:07.682Z",
"dateUpdated": "2024-09-06T14:11:08.951Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Loading...
Loading...
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.