Action not permitted
Modal body text goes here.
ghsa-j3cr-gpf3-q8w2
Vulnerability from github
A vulnerability in the software upgrade component of Cisco Application Policy Infrastructure Controller (APIC) and Cisco Cloud Network Controller, formerly Cisco Cloud APIC, could allow an authenticated, remote attacker with Administrator-level privileges to install a modified software image, leading to arbitrary code injection on an affected system.
This vulnerability is due to insufficient signature validation of software images. An attacker could exploit this vulnerability by installing a modified software image. A successful exploit could allow the attacker to execute arbitrary code on the affected system and elevate their privileges to root. Note: Administrators should always validate the hash of any upgrade image before uploading it to Cisco APIC and Cisco Cloud Network Controller.
{ "affected": [], "aliases": [ "CVE-2024-20478" ], "database_specific": { "cwe_ids": [ "CWE-250" ], "github_reviewed": false, "github_reviewed_at": null, "nvd_published_at": "2024-08-28T17:15:10Z", "severity": "MODERATE" }, "details": "A vulnerability in the software upgrade component of Cisco Application Policy Infrastructure Controller (APIC) and Cisco\u0026nbsp;Cloud Network Controller, formerly Cisco Cloud APIC, could allow an authenticated, remote attacker with Administrator-level privileges to install a modified software image, leading to arbitrary code injection on an affected system.\n\nThis vulnerability is due to insufficient signature validation of software images. An attacker could exploit this vulnerability by installing a modified software image. A successful exploit could allow the attacker to execute arbitrary code on the affected system and elevate their privileges to root.\nNote: Administrators should always validate the hash of any upgrade image before uploading it to Cisco APIC and Cisco Cloud Network Controller.", "id": "GHSA-j3cr-gpf3-q8w2", "modified": "2024-08-28T18:31:54Z", "published": "2024-08-28T18:31:54Z", "references": [ { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-20478" }, { "type": "WEB", "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-capic-priv-esc-uYQJjnuU" } ], "schema_version": "1.4.0", "severity": [ { "score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N", "type": "CVSS_V3" } ] }
cve-2024-20478
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.2\\(8d\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.2\\(1o\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:1.2\\(2h\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.2\\(2i\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:1.2\\(1k\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.2\\(1k\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.1\\(2m\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.2\\(1m\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.2\\(5e\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.1\\(2m\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.2\\(41d\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:1.1\\(1o\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:1.2\\(1m\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:1.2\\(2j\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.2\\(4r\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.2\\(3j\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:1.1\\(3f\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.2\\(2f\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:1.1\\(4m\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.2\\(2k\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.1\\(1i\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.0\\(1p\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.1\\(2p\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.2\\(3s\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.0\\(3c\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:1.1\\(4e\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.1\\(1k\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.2\\(4f\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.1\\(3h\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.2\\(4d\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.0\\(1n\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.0\\(1m\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.0\\(1r\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.1\\(2e\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\\(2e\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\\(3j\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\\(3n\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.0\\(1l\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.2\\(2e\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.2\\(3r\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.0\\(2k\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.1\\(3g\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.0\\(1h\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.0\\(1o\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.2\\(3p\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:1.2\\(3e\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.2\\(3s\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.0\\(2g\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.1\\(1l\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.2\\(9f\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\\(3l\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\\(2g\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:1.2\\(3c\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.2\\(7k\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:1.3\\(2h\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.2\\(9b\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:1.3\\(2k\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.1\\(2t\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:1.1\\(2h\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.2\\(3j\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.1\\(2k\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.3\\(1f\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:1.2\\(3h\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.0\\(1i\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.1\\(2u\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\\(1l\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.1\\(1a\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.0\\(3d\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:1.1\\(4l\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.3\\(1i\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.1\\(2q\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.2\\(4e\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.1\\(1i\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.1\\(1i\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.0\\(2m\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.0\\(2h\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.2\\(2q\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.3\\(1l\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:1.3\\(1h\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.0\\(2n\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.2\\(5f\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:1.2\\(1h\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.2\\(1l\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\\(1i\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.1\\(2o\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:1.2\\(1i\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:1.3\\(1j\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.1\\(1h\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.0\\(2l\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.0\\(2h\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:1.2\\(2g\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.0\\(1k\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\\(1g\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.1\\(2g\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.0\\(1q\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:1.1\\(1j\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.1\\(2g\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:1.1\\(1r\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\\(2f\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.2\\(6i\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:1.3\\(1g\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:1.3\\(2j\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:1.3\\(2i\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.0\\(2o\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.2\\(4q\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.3\\(1o\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.2\\(3i\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.2\\(2j\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:1.1\\(1d\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.0\\(2n\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.2\\(3t\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.2\\(3n\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:1.1\\(4g\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.1\\(2x\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.2\\(5d\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.1\\(2o\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:1.2\\(2i\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.1\\(2f\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:1.3\\(2f\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\\(3q\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.1\\(1j\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.0\\(2f\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.3\\(1e\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:1.1\\(1s\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.1\\(2v\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.1\\(2w\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:1.1\\(4i\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.1\\(2u\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:1.1\\(4f\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.0\\(2m\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.0\\(1k\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.2\\(2o\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.2\\(3r\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:1.1\\(2i\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.0\\(2c\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:1.3\\(1i\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.1\\(2s\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.2\\(7f\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:1.2\\(3m\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.2\\(3o\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.1\\(2s\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.2\\(2l\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\\(1j\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.3\\(1p\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.1\\(4a\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:1.1\\(1n\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.2\\(1n\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.2\\(4p\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.1\\(3j\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\\(4i\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.2\\(9h\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.0\\(1k\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\\(4k\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.0\\(1l\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.0\\(2e\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\\(4o\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\\(4p\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.0\\(2h\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\\(5k\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\\(5l\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\\(5n\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.1\\(1h\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\\(6d\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.1\\(2e\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\\(6g\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\\(6h\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.1\\(3e\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.2\\(10e\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\\(6l\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\\(7f\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.1\\(4c\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\\(6o\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.2\\(1g\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.2\\(2e\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\\(7l\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.2\\(10f\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.2\\(2f\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.2\\(2g\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\\(7q\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.2\\(2h\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.2\\(3f\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.2\\(3e\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.2\\(3g\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\\(7r\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\\(7s\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.2\\(4d\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.2\\(4e\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\\(7t\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.2\\(5d\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.2\\(10g\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.2\\(5c\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:6.0\\(1g\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\\(7u\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.2\\(5e\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.2\\(4f\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.2\\(6e\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:6.0\\(1j\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.2\\(6g\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.2\\(7f\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\\(7v\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.2\\(7g\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:6.0\\(2h\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\\(7w\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.2\\(6h\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.2\\(4h\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.2\\(8d\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:6.0\\(2j\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.2\\(8e\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:6.0\\(3d\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:6.0\\(3e\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.2\\(8f\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.2\\(8g\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.3\\(1d\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.2\\(8h\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:6.0\\(4c\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.3\\(2a\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.2\\(8i\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:6.0\\(5h\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.3\\(2b\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:6.0\\(3g\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:6.0\\(5j\\):*:*:*:*:*:*:*", "cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.3\\(2c\\):*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "application_policy_infrastructure_controller", "vendor": "cisco", "versions": [ { "status": "affected", "version": "3.2\\(8d\\)" }, { "status": "affected", "version": "2.2\\(1o\\)" }, { "status": "affected", "version": "1.2\\(2h\\)" }, { "status": "affected", "version": "2.2\\(2i\\)" }, { "status": "affected", "version": "1.2\\(1k\\)" }, { "status": "affected", "version": "2.2\\(1k\\)" }, { "status": "affected", "version": "3.1\\(2m\\)" }, { "status": "affected", "version": "3.2\\(1m\\)" }, { "status": "affected", "version": "3.2\\(5e\\)" }, { "status": "affected", "version": "4.1\\(2m\\)" }, { "status": "affected", "version": "3.2\\(41d\\)" }, { "status": "affected", "version": "1.1\\(1o\\)" }, { "status": "affected", "version": "1.2\\(1m\\)" }, { "status": "affected", "version": "1.2\\(2j\\)" }, { "status": "affected", "version": "2.2\\(4r\\)" }, { "status": "affected", "version": "2.2\\(3j\\)" }, { "status": "affected", "version": "1.1\\(3f\\)" }, { "status": "affected", "version": "2.2\\(2f\\)" }, { "status": "affected", "version": "1.1\\(4m\\)" }, { "status": "affected", "version": "2.2\\(2k\\)" }, { "status": "affected", "version": "2.1\\(1i\\)" }, { "status": "affected", "version": "2.0\\(1p\\)" }, { "status": "affected", "version": "3.1\\(2p\\)" }, { "status": "affected", "version": "3.2\\(3s\\)" }, { "status": "affected", "version": "4.0\\(3c\\)" }, { "status": "affected", "version": "1.1\\(4e\\)" }, { "status": "affected", "version": "4.1\\(1k\\)" }, { "status": "affected", "version": "2.2\\(4f\\)" }, { "status": "affected", "version": "2.1\\(3h\\)" }, { "status": "affected", "version": "3.2\\(4d\\)" }, { "status": "affected", "version": "2.0\\(1n\\)" }, { "status": "affected", "version": "2.0\\(1m\\)" }, { "status": "affected", "version": "2.0\\(1r\\)" }, { "status": "affected", "version": "2.1\\(2e\\)" }, { "status": "affected", "version": "4.2\\(2e\\)" }, { "status": "affected", "version": "4.2\\(3j\\)" }, { "status": "affected", "version": "4.2\\(3n\\)" }, { "status": "affected", "version": "2.0\\(1l\\)" }, { "status": "affected", "version": "2.2\\(2e\\)" }, { "status": "affected", "version": "2.2\\(3r\\)" }, { "status": "affected", "version": "3.0\\(2k\\)" }, { "status": "affected", "version": "2.1\\(3g\\)" }, { "status": "affected", "version": "4.0\\(1h\\)" }, { "status": "affected", "version": "2.0\\(1o\\)" }, { "status": "affected", "version": "2.2\\(3p\\)" }, { "status": "affected", "version": "1.2\\(3e\\)" }, { "status": "affected", "version": "2.2\\(3s\\)" }, { "status": "affected", "version": "2.0\\(2g\\)" }, { "status": "affected", "version": "4.1\\(1l\\)" }, { "status": "affected", "version": "3.2\\(9f\\)" }, { "status": "affected", "version": "4.2\\(3l\\)" }, { "status": "affected", "version": "4.2\\(2g\\)" }, { "status": "affected", "version": "1.2\\(3c\\)" }, { "status": "affected", "version": "3.2\\(7k\\)" }, { "status": "affected", "version": "1.3\\(2h\\)" }, { "status": "affected", "version": "3.2\\(9b\\)" }, { "status": "affected", "version": "1.3\\(2k\\)" }, { "status": "affected", "version": "3.1\\(2t\\)" }, { "status": "affected", "version": "1.1\\(2h\\)" }, { "status": "affected", "version": "3.2\\(3j\\)" }, { "status": "affected", "version": "2.1\\(2k\\)" }, { "status": "affected", "version": "2.3\\(1f\\)" }, { "status": "affected", "version": "1.2\\(3h\\)" }, { "status": "affected", "version": "3.0\\(1i\\)" }, { "status": "affected", "version": "4.1\\(2u\\)" }, { "status": "affected", "version": "4.2\\(1l\\)" }, { "status": "affected", "version": "4.1\\(1a\\)" }, { "status": "affected", "version": "4.0\\(3d\\)" }, { "status": "affected", "version": "1.1\\(4l\\)" }, { "status": "affected", "version": "2.3\\(1i\\)" }, { "status": "affected", "version": "3.1\\(2q\\)" }, { "status": "affected", "version": "3.2\\(4e\\)" }, { "status": "affected", "version": "4.1\\(1i\\)" }, { "status": "affected", "version": "3.1\\(1i\\)" }, { "status": "affected", "version": "2.0\\(2m\\)" }, { "status": "affected", "version": "3.0\\(2h\\)" }, { "status": "affected", "version": "2.2\\(2q\\)" }, { "status": "affected", "version": "2.3\\(1l\\)" }, { "status": "affected", "version": "1.3\\(1h\\)" }, { "status": "affected", "version": "3.0\\(2n\\)" }, { "status": "affected", "version": "3.2\\(5f\\)" }, { "status": "affected", "version": "1.2\\(1h\\)" }, { "status": "affected", "version": "3.2\\(1l\\)" }, { "status": "affected", "version": "4.2\\(1i\\)" }, { "status": "affected", "version": "4.1\\(2o\\)" }, { "status": "affected", "version": "1.2\\(1i\\)" }, { "status": "affected", "version": "1.3\\(1j\\)" }, { "status": "affected", "version": "2.1\\(1h\\)" }, { "status": "affected", "version": "2.0\\(2l\\)" }, { "status": "affected", "version": "2.0\\(2h\\)" }, { "status": "affected", "version": "1.2\\(2g\\)" }, { "status": "affected", "version": "3.0\\(1k\\)" }, { "status": "affected", "version": "4.2\\(1g\\)" }, { "status": "affected", "version": "2.1\\(2g\\)" }, { "status": "affected", "version": "2.0\\(1q\\)" }, { "status": "affected", "version": "1.1\\(1j\\)" }, { "status": "affected", "version": "4.1\\(2g\\)" }, { "status": "affected", "version": "1.1\\(1r\\)" }, { "status": "affected", "version": "4.2\\(2f\\)" }, { "status": "affected", "version": "3.2\\(6i\\)" }, { "status": "affected", "version": "1.3\\(1g\\)" }, { "status": "affected", "version": "1.3\\(2j\\)" }, { "status": "affected", "version": "1.3\\(2i\\)" }, { "status": "affected", "version": "2.0\\(2o\\)" }, { "status": "affected", "version": "2.2\\(4q\\)" }, { "status": "affected", "version": "2.3\\(1o\\)" }, { "status": "affected", "version": "3.2\\(3i\\)" }, { "status": "affected", "version": "2.2\\(2j\\)" }, { "status": "affected", "version": "1.1\\(1d\\)" }, { "status": "affected", "version": "2.0\\(2n\\)" }, { "status": "affected", "version": "2.2\\(3t\\)" }, { "status": "affected", "version": "3.2\\(3n\\)" }, { "status": "affected", "version": "1.1\\(4g\\)" }, { "status": "affected", "version": "4.1\\(2x\\)" }, { "status": "affected", "version": "3.2\\(5d\\)" }, { "status": "affected", "version": "3.1\\(2o\\)" }, { "status": "affected", "version": "1.2\\(2i\\)" }, { "status": "affected", "version": "2.1\\(2f\\)" }, { "status": "affected", "version": "1.3\\(2f\\)" }, { "status": "affected", "version": "4.2\\(3q\\)" }, { "status": "affected", "version": "4.1\\(1j\\)" }, { "status": "affected", "version": "2.0\\(2f\\)" }, { "status": "affected", "version": "2.3\\(1e\\)" }, { "status": "affected", "version": "1.1\\(1s\\)" }, { "status": "affected", "version": "3.1\\(2v\\)" }, { "status": "affected", "version": "4.1\\(2w\\)" }, { "status": "affected", "version": "1.1\\(4i\\)" }, { "status": "affected", "version": "3.1\\(2u\\)" }, { "status": "affected", "version": "1.1\\(4f\\)" }, { "status": "affected", "version": "3.0\\(2m\\)" }, { "status": "affected", "version": "2.0\\(1k\\)" }, { "status": "affected", "version": "3.2\\(2o\\)" }, { "status": "affected", "version": "3.2\\(3r\\)" }, { "status": "affected", "version": "1.1\\(2i\\)" }, { "status": "affected", "version": "4.0\\(2c\\)" }, { "status": "affected", "version": "1.3\\(1i\\)" }, { "status": "affected", "version": "4.1\\(2s\\)" }, { "status": "affected", "version": "3.2\\(7f\\)" }, { "status": "affected", "version": "1.2\\(3m\\)" }, { "status": "affected", "version": "3.2\\(3o\\)" }, { "status": "affected", "version": "3.1\\(2s\\)" }, { "status": "affected", "version": "3.2\\(2l\\)" }, { "status": "affected", "version": "4.2\\(1j\\)" }, { "status": "affected", "version": "2.3\\(1p\\)" }, { "status": "affected", "version": "2.1\\(4a\\)" }, { "status": "affected", "version": "1.1\\(1n\\)" }, { "status": "affected", "version": "2.2\\(1n\\)" }, { "status": "affected", "version": "2.2\\(4p\\)" }, { "status": "affected", "version": "2.1\\(3j\\)" }, { "status": "affected", "version": "4.2\\(4i\\)" }, { "status": "affected", "version": "3.2\\(9h\\)" }, { "status": "affected", "version": "5.0\\(1k\\)" }, { "status": "affected", "version": "4.2\\(4k\\)" }, { "status": "affected", "version": "5.0\\(1l\\)" }, { "status": "affected", "version": "5.0\\(2e\\)" }, { "status": "affected", "version": "4.2\\(4o\\)" }, { "status": "affected", "version": "4.2\\(4p\\)" }, { "status": "affected", "version": "5.0\\(2h\\)" }, { "status": "affected", "version": "4.2\\(5k\\)" }, { "status": "affected", "version": "4.2\\(5l\\)" }, { "status": "affected", "version": "4.2\\(5n\\)" }, { "status": "affected", "version": "5.1\\(1h\\)" }, { "status": "affected", "version": "4.2\\(6d\\)" }, { "status": "affected", "version": "5.1\\(2e\\)" }, { "status": "affected", "version": "4.2\\(6g\\)" }, { "status": "affected", "version": "4.2\\(6h\\)" }, { "status": "affected", "version": "5.1\\(3e\\)" }, { "status": "affected", "version": "3.2\\(10e\\)" }, { "status": "affected", "version": "4.2\\(6l\\)" }, { "status": "affected", "version": "4.2\\(7f\\)" }, { "status": "affected", "version": "5.1\\(4c\\)" }, { "status": "affected", "version": "4.2\\(6o\\)" }, { "status": "affected", "version": "5.2\\(1g\\)" }, { "status": "affected", "version": "5.2\\(2e\\)" }, { "status": "affected", "version": "4.2\\(7l\\)" }, { "status": "affected", "version": "3.2\\(10f\\)" }, { "status": "affected", "version": "5.2\\(2f\\)" }, { "status": "affected", "version": "5.2\\(2g\\)" }, { "status": "affected", "version": "4.2\\(7q\\)" }, { "status": "affected", "version": "5.2\\(2h\\)" }, { "status": "affected", "version": "5.2\\(3f\\)" }, { "status": "affected", "version": "5.2\\(3e\\)" }, { "status": "affected", "version": "5.2\\(3g\\)" }, { "status": "affected", "version": "4.2\\(7r\\)" }, { "status": "affected", "version": "4.2\\(7s\\)" }, { "status": "affected", "version": "5.2\\(4d\\)" }, { "status": "affected", "version": "5.2\\(4e\\)" }, { "status": "affected", "version": "4.2\\(7t\\)" }, { "status": "affected", "version": "5.2\\(5d\\)" }, { "status": "affected", "version": "3.2\\(10g\\)" }, { "status": "affected", "version": "5.2\\(5c\\)" }, { "status": "affected", "version": "6.0\\(1g\\)" }, { "status": "affected", "version": "4.2\\(7u\\)" }, { "status": "affected", "version": "5.2\\(5e\\)" }, { "status": "affected", "version": "5.2\\(4f\\)" }, { "status": "affected", "version": "5.2\\(6e\\)" }, { "status": "affected", "version": "6.0\\(1j\\)" }, { "status": "affected", "version": "5.2\\(6g\\)" }, { "status": "affected", "version": "5.2\\(7f\\)" }, { "status": "affected", "version": "4.2\\(7v\\)" }, { "status": "affected", "version": "5.2\\(7g\\)" }, { "status": "affected", "version": "6.0\\(2h\\)" }, { "status": "affected", "version": "4.2\\(7w\\)" }, { "status": "affected", "version": "5.2\\(6h\\)" }, { "status": "affected", "version": "5.2\\(4h\\)" }, { "status": "affected", "version": "5.2\\(8d\\)" }, { "status": "affected", "version": "6.0\\(2j\\)" }, { "status": "affected", "version": "5.2\\(8e\\)" }, { "status": "affected", "version": "6.0\\(3d\\)" }, { "status": "affected", "version": "6.0\\(3e\\)" }, { "status": "affected", "version": "5.2\\(8f\\)" }, { "status": "affected", "version": "5.2\\(8g\\)" }, { "status": "affected", "version": "5.3\\(1d\\)" }, { "status": "affected", "version": "5.2\\(8h\\)" }, { "status": "affected", "version": "6.0\\(4c\\)" }, { "status": "affected", "version": "5.3\\(2a\\)" }, { "status": "affected", "version": "5.2\\(8i\\)" }, { "status": "affected", "version": "6.0\\(5h\\)" }, { "status": "affected", "version": "5.3\\(2b\\)" }, { "status": "affected", "version": "6.0\\(3g\\)" }, { "status": "affected", "version": "6.0\\(5j\\)" }, { "status": "affected", "version": "5.3\\(2c\\)" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-20478", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-08-30T03:56:06.255702Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-09-06T14:11:08.951Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unknown", "product": "Cisco Application Policy Infrastructure Controller (APIC)", "vendor": "Cisco", "versions": [ { "status": "affected", "version": "3.2(8d)" }, { "status": "affected", "version": "2.2(1o)" }, { "status": "affected", "version": "1.2(2h)" }, { "status": "affected", "version": "2.2(2i)" }, { "status": "affected", "version": "1.2(1k)" }, { "status": "affected", "version": "2.2(1k)" }, { "status": "affected", "version": "3.1(2m)" }, { "status": "affected", "version": "3.2(1m)" }, { "status": "affected", "version": "3.2(5e)" }, { "status": "affected", "version": "4.1(2m)" }, { "status": "affected", "version": "3.2(41d)" }, { "status": "affected", "version": "1.1(1o)" }, { "status": "affected", "version": "1.2(1m)" }, { "status": "affected", "version": "1.2(2j)" }, { "status": "affected", "version": "2.2(4r)" }, { "status": "affected", "version": "2.2(3j)" }, { "status": "affected", "version": "1.1(3f)" }, { "status": "affected", "version": "2.2(2f)" }, { "status": "affected", "version": "1.1(4m)" }, { "status": "affected", "version": "2.2(2k)" }, { "status": "affected", "version": "2.1(1i)" }, { "status": "affected", "version": "2.0(1p)" }, { "status": "affected", "version": "3.1(2p)" }, { "status": "affected", "version": "3.2(3s)" }, { "status": "affected", "version": "4.0(3c)" }, { "status": "affected", "version": "1.1(4e)" }, { "status": "affected", "version": "4.1(1k)" }, { "status": "affected", "version": "2.2(4f)" }, { "status": "affected", "version": "2.1(3h)" }, { "status": "affected", "version": "3.2(4d)" }, { "status": "affected", "version": "2.0(1n)" }, { "status": "affected", "version": "2.0(1m)" }, { "status": "affected", "version": "2.0(1r)" }, { "status": "affected", "version": "2.1(2e)" }, { "status": "affected", "version": "4.2(2e)" }, { "status": "affected", "version": "4.2(3j)" }, { "status": "affected", "version": "4.2(3n)" }, { "status": "affected", "version": "2.0(1l)" }, { "status": "affected", "version": "2.2(2e)" }, { "status": "affected", "version": "2.2(3r)" }, { "status": "affected", "version": "3.0(2k)" }, { "status": "affected", "version": "2.1(3g)" }, { "status": "affected", "version": "4.0(1h)" }, { "status": "affected", "version": "2.0(1o)" }, { "status": "affected", "version": "2.2(3p)" }, { "status": "affected", "version": "1.2(3e)" }, { "status": "affected", "version": "2.2(3s)" }, { "status": "affected", "version": "2.0(2g)" }, { "status": "affected", "version": "4.1(1l)" }, { "status": "affected", "version": "3.2(9f)" }, { "status": "affected", "version": "4.2(3l)" }, { "status": "affected", "version": "4.2(2g)" }, { "status": "affected", "version": "1.2(3c)" }, { "status": "affected", "version": "3.2(7k)" }, { "status": "affected", "version": "1.3(2h)" }, { "status": "affected", "version": "3.2(9b)" }, { "status": "affected", "version": "1.3(2k)" }, { "status": "affected", "version": "3.1(2t)" }, { "status": "affected", "version": "1.1(2h)" }, { "status": "affected", "version": "3.2(3j)" }, { "status": "affected", "version": "2.1(2k)" }, { "status": "affected", "version": "2.3(1f)" }, { "status": "affected", "version": "1.2(3h)" }, { "status": "affected", "version": "3.0(1i)" }, { "status": "affected", "version": "4.1(2u)" }, { "status": "affected", "version": "4.2(1l)" }, { "status": "affected", "version": "4.1(1a)" }, { "status": "affected", "version": "4.0(3d)" }, { "status": "affected", "version": "1.1(4l)" }, { "status": "affected", "version": "2.3(1i)" }, { "status": "affected", "version": "3.1(2q)" }, { "status": "affected", "version": "3.2(4e)" }, { "status": "affected", "version": "4.1(1i)" }, { "status": "affected", "version": "3.1(1i)" }, { "status": "affected", "version": "2.0(2m)" }, { "status": "affected", "version": "3.0(2h)" }, { "status": "affected", "version": "2.2(2q)" }, { "status": "affected", "version": "2.3(1l)" }, { "status": "affected", "version": "1.3(1h)" }, { "status": "affected", "version": "3.0(2n)" }, { "status": "affected", "version": "3.2(5f)" }, { "status": "affected", "version": "1.2(1h)" }, { "status": "affected", "version": "3.2(1l)" }, { "status": "affected", "version": "4.2(1i)" }, { "status": "affected", "version": "4.1(2o)" }, { "status": "affected", "version": "1.2(1i)" }, { "status": "affected", "version": "1.3(1j)" }, { "status": "affected", "version": "2.1(1h)" }, { "status": "affected", "version": "2.0(2l)" }, { "status": "affected", "version": "2.0(2h)" }, { "status": "affected", "version": "1.2(2g)" }, { "status": "affected", "version": "3.0(1k)" }, { "status": "affected", "version": "4.2(1g)" }, { "status": "affected", "version": "2.1(2g)" }, { "status": "affected", "version": "2.0(1q)" }, { "status": "affected", "version": "1.1(1j)" }, { "status": "affected", "version": "4.1(2g)" }, { "status": "affected", "version": "1.1(1r)" }, { "status": "affected", "version": "4.2(2f)" }, { "status": "affected", "version": "3.2(6i)" }, { "status": "affected", "version": "1.3(1g)" }, { "status": "affected", "version": "1.3(2j)" }, { "status": "affected", "version": "1.3(2i)" }, { "status": "affected", "version": "2.0(2o)" }, { "status": "affected", "version": "2.2(4q)" }, { "status": "affected", "version": "2.3(1o)" }, { "status": "affected", "version": "3.2(3i)" }, { "status": "affected", "version": "2.2(2j)" }, { "status": "affected", "version": "1.1(1d)" }, { "status": "affected", "version": "2.0(2n)" }, { "status": "affected", "version": "2.2(3t)" }, { "status": "affected", "version": "3.2(3n)" }, { "status": "affected", "version": "1.1(4g)" }, { "status": "affected", "version": "4.1(2x)" }, { "status": "affected", "version": "3.2(5d)" }, { "status": "affected", "version": "3.1(2o)" }, { "status": "affected", "version": "1.2(2i)" }, { "status": "affected", "version": "2.1(2f)" }, { "status": "affected", "version": "1.3(2f)" }, { "status": "affected", "version": "4.2(3q)" }, { "status": "affected", "version": "4.1(1j)" }, { "status": "affected", "version": "2.0(2f)" }, { "status": "affected", "version": "2.3(1e)" }, { "status": "affected", "version": "1.1(1s)" }, { "status": "affected", "version": "3.1(2v)" }, { "status": "affected", "version": "4.1(2w)" }, { "status": "affected", "version": "1.1(4i)" }, { "status": "affected", "version": "3.1(2u)" }, { "status": "affected", "version": "1.1(4f)" }, { "status": "affected", "version": "3.0(2m)" }, { "status": "affected", "version": "2.0(1k)" }, { "status": "affected", "version": "3.2(2o)" }, { "status": "affected", "version": "3.2(3r)" }, { "status": "affected", "version": "1.1(2i)" }, { "status": "affected", "version": "4.0(2c)" }, { "status": "affected", "version": "1.3(1i)" }, { "status": "affected", "version": "4.1(2s)" }, { "status": "affected", "version": "3.2(7f)" }, { "status": "affected", "version": "1.2(3m)" }, { "status": "affected", "version": "3.2(3o)" }, { "status": "affected", "version": "3.1(2s)" }, { "status": "affected", "version": "3.2(2l)" }, { "status": "affected", "version": "4.2(1j)" }, { "status": "affected", "version": "2.3(1p)" }, { "status": "affected", "version": "2.1(4a)" }, { "status": "affected", "version": "1.1(1n)" }, { "status": "affected", "version": "2.2(1n)" }, { "status": "affected", "version": "2.2(4p)" }, { "status": "affected", "version": "2.1(3j)" }, { "status": "affected", "version": "4.2(4i)" }, { "status": "affected", "version": "3.2(9h)" }, { "status": "affected", "version": "5.0(1k)" }, { "status": "affected", "version": "4.2(4k)" }, { "status": "affected", "version": "5.0(1l)" }, { "status": "affected", "version": "5.0(2e)" }, { "status": "affected", "version": "4.2(4o)" }, { "status": "affected", "version": "4.2(4p)" }, { "status": "affected", "version": "5.0(2h)" }, { "status": "affected", "version": "4.2(5k)" }, { "status": "affected", "version": "4.2(5l)" }, { "status": "affected", "version": "4.2(5n)" }, { "status": "affected", "version": "5.1(1h)" }, { "status": "affected", "version": "4.2(6d)" }, { "status": "affected", "version": "5.1(2e)" }, { "status": "affected", "version": "4.2(6g)" }, { "status": "affected", "version": "4.2(6h)" }, { "status": "affected", "version": "5.1(3e)" }, { "status": "affected", "version": "3.2(10e)" }, { "status": "affected", "version": "4.2(6l)" }, { "status": "affected", "version": "4.2(7f)" }, { "status": "affected", "version": "5.1(4c)" }, { "status": "affected", "version": "4.2(6o)" }, { "status": "affected", "version": "5.2(1g)" }, { "status": "affected", "version": "5.2(2e)" }, { "status": "affected", "version": "4.2(7l)" }, { "status": "affected", "version": "3.2(10f)" }, { "status": "affected", "version": "5.2(2f)" }, { "status": "affected", "version": "5.2(2g)" }, { "status": "affected", "version": "4.2(7q)" }, { "status": "affected", "version": "5.2(2h)" }, { "status": "affected", "version": "5.2(3f)" }, { "status": "affected", "version": "5.2(3e)" }, { "status": "affected", "version": "5.2(3g)" }, { "status": "affected", "version": "4.2(7r)" }, { "status": "affected", "version": "4.2(7s)" }, { "status": "affected", "version": "5.2(4d)" }, { "status": "affected", "version": "5.2(4e)" }, { "status": "affected", "version": "4.2(7t)" }, { "status": "affected", "version": "5.2(5d)" }, { "status": "affected", "version": "3.2(10g)" }, { "status": "affected", "version": "5.2(5c)" }, { "status": "affected", "version": "6.0(1g)" }, { "status": "affected", "version": "4.2(7u)" }, { "status": "affected", "version": "5.2(5e)" }, { "status": "affected", "version": "5.2(4f)" }, { "status": "affected", "version": "5.2(6e)" }, { "status": "affected", "version": "6.0(1j)" }, { "status": "affected", "version": "5.2(6g)" }, { "status": "affected", "version": "5.2(7f)" }, { "status": "affected", "version": "4.2(7v)" }, { "status": "affected", "version": "5.2(7g)" }, { "status": "affected", "version": "6.0(2h)" }, { "status": "affected", "version": "4.2(7w)" }, { "status": "affected", "version": "5.2(6h)" }, { "status": "affected", "version": "5.2(4h)" }, { "status": "affected", "version": "5.2(8d)" }, { "status": "affected", "version": "6.0(2j)" }, { "status": "affected", "version": "5.2(8e)" }, { "status": "affected", "version": "6.0(3d)" }, { "status": "affected", "version": "6.0(3e)" }, { "status": "affected", "version": "5.2(8f)" }, { "status": "affected", "version": "5.2(8g)" }, { "status": "affected", "version": "5.3(1d)" }, { "status": "affected", "version": "5.2(8h)" }, { "status": "affected", "version": "6.0(4c)" }, { "status": "affected", "version": "5.3(2a)" }, { "status": "affected", "version": "5.2(8i)" }, { "status": "affected", "version": "6.0(5h)" }, { "status": "affected", "version": "5.3(2b)" }, { "status": "affected", "version": "6.0(3g)" }, { "status": "affected", "version": "6.0(5j)" }, { "status": "affected", "version": "5.3(2c)" } ] } ], "descriptions": [ { "lang": "en", "value": "A vulnerability in the software upgrade component of Cisco Application Policy Infrastructure Controller (APIC) and Cisco\u0026nbsp;Cloud Network Controller, formerly Cisco Cloud APIC, could allow an authenticated, remote attacker with Administrator-level privileges to install a modified software image, leading to arbitrary code injection on an affected system.\r\n\r\nThis vulnerability is due to insufficient signature validation of software images. An attacker could exploit this vulnerability by installing a modified software image. A successful exploit could allow the attacker to execute arbitrary code on the affected system and elevate their privileges to root.\r\nNote: Administrators should always validate the hash of any upgrade image before uploading it to Cisco APIC and Cisco Cloud Network Controller." } ], "exploits": [ { "lang": "en", "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N", "version": "3.1" }, "format": "cvssV3_1" } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-250", "description": "Execution with Unnecessary Privileges", "lang": "en", "type": "cwe" } ] } ], "providerMetadata": { "dateUpdated": "2024-08-28T16:30:07.175Z", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco" }, "references": [ { "name": "cisco-sa-capic-priv-esc-uYQJjnuU", "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-capic-priv-esc-uYQJjnuU" } ], "source": { "advisory": "cisco-sa-capic-priv-esc-uYQJjnuU", "defects": [ "CSCwj32072" ], "discovery": "INTERNAL" }, "title": "Cisco Application Policy Infrastructure Controller App Privilege Escalation Vulnerability" } }, "cveMetadata": { "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2024-20478", "datePublished": "2024-08-28T16:30:07.175Z", "dateReserved": "2023-11-08T15:08:07.682Z", "dateUpdated": "2024-09-06T14:11:08.951Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.