Action not permitted
Modal body text goes here.
Modal Title
Modal Body
WID-SEC-W-2024-1941
Vulnerability from csaf_certbund - Published: 2024-08-28 22:00 - Updated: 2024-08-28 22:00Summary
Cisco Application Policy Infrastructure Controller: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Der Cisco Application Policy Infrastructure Controller (APIC) ist die architektonische Hauptkomponente der Cisco Application Centric Infrastructure.
Angriff
Ein entfernter, authentifizierter Angreifer kann mehrere Schwachstellen im Cisco Application Policy Infrastructure Controller ausnutzen, um Dateien zu manipulieren, beliebigen Code auszuführen oder seine Privilegien zu erweitern.
Betroffene Betriebssysteme
- Sonstiges
{
"document": {
"aggregate_severity": {
"text": "mittel"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Der Cisco Application Policy Infrastructure Controller (APIC) ist die architektonische Hauptkomponente der Cisco Application Centric Infrastructure.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, authentifizierter Angreifer kann mehrere Schwachstellen im Cisco Application Policy Infrastructure Controller ausnutzen, um Dateien zu manipulieren, beliebigen Code auszuf\u00fchren oder seine Privilegien zu erweitern.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Sonstiges",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2024-1941 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-1941.json"
},
{
"category": "self",
"summary": "WID-SEC-2024-1941 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-1941"
},
{
"category": "external",
"summary": "Cisco Security Advisory cisco-sa-apic-cousmo-uBpBYGbq vom 2024-08-28",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apic-cousmo-uBpBYGbq"
},
{
"category": "external",
"summary": "Cisco Security Advisory cisco-sa-capic-priv-esc-uYQJjnuU vom 2024-08-28",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-capic-priv-esc-uYQJjnuU"
}
],
"source_lang": "en-US",
"title": "Cisco Application Policy Infrastructure Controller: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2024-08-28T22:00:00.000+00:00",
"generator": {
"date": "2024-08-29T08:08:15.743+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.6"
}
},
"id": "WID-SEC-W-2024-1941",
"initial_release_date": "2024-08-28T22:00:00.000+00:00",
"revision_history": [
{
"date": "2024-08-28T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c6.0(6c)",
"product": {
"name": "Cisco Application Policy Infrastructure Controller \u003c6.0(6c)",
"product_id": "T037146"
}
},
{
"category": "product_version",
"name": "6.0(6c)",
"product": {
"name": "Cisco Application Policy Infrastructure Controller 6.0(6c)",
"product_id": "T037146-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:cisco:application_policy_infrastructure_controller:6.0%25286c%2529"
}
}
},
{
"category": "product_version_range",
"name": "\u003c5.3(2c)",
"product": {
"name": "Cisco Application Policy Infrastructure Controller \u003c5.3(2c)",
"product_id": "T037147"
}
},
{
"category": "product_version",
"name": "5.3(2c)",
"product": {
"name": "Cisco Application Policy Infrastructure Controller 5.3(2c)",
"product_id": "T037147-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:cisco:application_policy_infrastructure_controller:5.3%25282c%2529"
}
}
},
{
"category": "product_version_range",
"name": "\u003c6.1",
"product": {
"name": "Cisco Application Policy Infrastructure Controller \u003c6.1",
"product_id": "T037148"
}
},
{
"category": "product_version",
"name": "6.1",
"product": {
"name": "Cisco Application Policy Infrastructure Controller 6.1",
"product_id": "T037148-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:cisco:application_policy_infrastructure_controller:6.1"
}
}
},
{
"category": "product_version_range",
"name": "\u003c5.3(2d)",
"product": {
"name": "Cisco Application Policy Infrastructure Controller \u003c5.3(2d)",
"product_id": "T037149"
}
},
{
"category": "product_version",
"name": "5.3(2d)",
"product": {
"name": "Cisco Application Policy Infrastructure Controller 5.3(2d)",
"product_id": "T037149-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:cisco:application_policy_infrastructure_controller:5.3%25282d%2529"
}
}
}
],
"category": "product_name",
"name": "Application Policy Infrastructure Controller"
}
],
"category": "vendor",
"name": "Cisco"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-20279",
"notes": [
{
"category": "description",
"text": "Es besteht eine Schwachstelle im Cisco Application Policy Infrastructure Controller. Dieser Fehler besteht in der Implementierung der eingeschr\u00e4nkten Sicherheitsdom\u00e4ne aufgrund einer unsachgem\u00e4\u00dfen Zugriffskontrolle, wenn eingeschr\u00e4nkte Sicherheitsdom\u00e4nen zur Implementierung von Mandantenf\u00e4higkeit verwendet werden. Ein entfernter, authentifizierter Angreifer kann diese Schwachstelle ausnutzen, um untergeordnete Richtlinien zu lesen, zu \u00e4ndern oder zu l\u00f6schen, die unter Standard-Systemrichtlinien erstellt wurden."
}
],
"product_status": {
"known_affected": [
"T037147",
"T037146"
]
},
"release_date": "2024-08-28T22:00:00.000+00:00",
"title": "CVE-2024-20279"
},
{
"cve": "CVE-2024-20478",
"notes": [
{
"category": "description",
"text": "Es besteht eine Schwachstelle im Cisco Application Policy Infrastructure Controller. Diese Schwachstelle besteht in der Software-Upgrade-Komponente aufgrund einer unzureichenden Signaturvalidierung von Software-Images. Ein entfernter, authentifizierter Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Code auf dem betroffenen System auszuf\u00fchren und seine Rechte zu Root-Rechten zu erweitern."
}
],
"product_status": {
"known_affected": [
"T037147",
"T037149",
"T037146"
]
},
"release_date": "2024-08-28T22:00:00.000+00:00",
"title": "CVE-2024-20478"
}
]
}
CVE-2024-20279 (GCVE-0-2024-20279)
Vulnerability from cvelistv5 – Published: 2024-08-28 16:19 – Updated: 2024-08-28 17:54
VLAI?
EPSS
Summary
A vulnerability in the restricted security domain implementation of Cisco Application Policy Infrastructure Controller (APIC) could allow an authenticated, remote attacker to modify the behavior of default system policies, such as quality of service (QoS) policies, on an affected system. This vulnerability is due to improper access control when restricted security domains are used to implement multi-tenancy. An attacker with a valid user account associated with a restricted security domain could exploit this vulnerability. A successful exploit could allow the attacker to read, modify, or delete child policies created under default system policies, which are implicitly used by all tenants in the fabric, resulting in disruption of network traffic. Exploitation is not possible for policies under tenants that an attacker has no authorization to access.
Severity ?
4.3 (Medium)
CWE
- CWE-284 - Improper Access Control
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Application Policy Infrastructure Controller (APIC) |
Affected:
3.2(8d)
Affected: 2.2(1o) Affected: 1.2(2h) Affected: 2.2(2i) Affected: 1.2(1k) Affected: 2.2(1k) Affected: 3.1(2m) Affected: 3.2(1m) Affected: 3.2(5e) Affected: 4.1(2m) Affected: 3.2(41d) Affected: 1.1(1o) Affected: 1.2(1m) Affected: 1.2(2j) Affected: 2.2(4r) Affected: 2.2(3j) Affected: 1.1(3f) Affected: 2.2(2f) Affected: 1.1(4m) Affected: 2.2(2k) Affected: 2.1(1i) Affected: 2.0(1p) Affected: 3.1(2p) Affected: 3.2(3s) Affected: 4.0(3c) Affected: 1.1(4e) Affected: 4.1(1k) Affected: 2.2(4f) Affected: 2.1(3h) Affected: 3.2(4d) Affected: 2.0(1n) Affected: 2.0(1m) Affected: 2.0(1r) Affected: 2.1(2e) Affected: 4.2(2e) Affected: 4.2(3j) Affected: 4.2(3n) Affected: 2.0(1l) Affected: 2.2(2e) Affected: 2.2(3r) Affected: 3.0(2k) Affected: 2.1(3g) Affected: 4.0(1h) Affected: 2.0(1o) Affected: 2.2(3p) Affected: 1.2(3e) Affected: 2.2(3s) Affected: 2.0(2g) Affected: 4.1(1l) Affected: 3.2(9f) Affected: 4.2(3l) Affected: 4.2(2g) Affected: 1.2(3c) Affected: 3.2(7k) Affected: 1.3(2h) Affected: 3.2(9b) Affected: 1.3(2k) Affected: 3.1(2t) Affected: 1.1(2h) Affected: 3.2(3j) Affected: 2.1(2k) Affected: 2.3(1f) Affected: 1.2(3h) Affected: 3.0(1i) Affected: 4.1(2u) Affected: 4.2(1l) Affected: 4.1(1a) Affected: 4.0(3d) Affected: 1.1(4l) Affected: 2.3(1i) Affected: 3.1(2q) Affected: 3.2(4e) Affected: 4.1(1i) Affected: 3.1(1i) Affected: 2.0(2m) Affected: 3.0(2h) Affected: 2.2(2q) Affected: 2.3(1l) Affected: 1.3(1h) Affected: 3.0(2n) Affected: 3.2(5f) Affected: 1.2(1h) Affected: 3.2(1l) Affected: 4.2(1i) Affected: 4.1(2o) Affected: 1.2(1i) Affected: 1.3(1j) Affected: 2.1(1h) Affected: 2.0(2l) Affected: 2.0(2h) Affected: 1.2(2g) Affected: 3.0(1k) Affected: 4.2(1g) Affected: 2.1(2g) Affected: 2.0(1q) Affected: 1.1(1j) Affected: 4.1(2g) Affected: 1.1(1r) Affected: 4.2(2f) Affected: 3.2(6i) Affected: 1.3(1g) Affected: 1.3(2j) Affected: 1.3(2i) Affected: 2.0(2o) Affected: 2.2(4q) Affected: 2.3(1o) Affected: 3.2(3i) Affected: 2.2(2j) Affected: 1.1(1d) Affected: 2.0(2n) Affected: 2.2(3t) Affected: 3.2(3n) Affected: 1.1(4g) Affected: 4.1(2x) Affected: 3.2(5d) Affected: 3.1(2o) Affected: 1.2(2i) Affected: 2.1(2f) Affected: 1.3(2f) Affected: 4.2(3q) Affected: 4.1(1j) Affected: 2.0(2f) Affected: 2.3(1e) Affected: 1.1(1s) Affected: 3.1(2v) Affected: 4.1(2w) Affected: 1.1(4i) Affected: 3.1(2u) Affected: 1.1(4f) Affected: 3.0(2m) Affected: 2.0(1k) Affected: 3.2(2o) Affected: 3.2(3r) Affected: 1.1(2i) Affected: 4.0(2c) Affected: 1.3(1i) Affected: 4.1(2s) Affected: 3.2(7f) Affected: 1.2(3m) Affected: 3.2(3o) Affected: 3.1(2s) Affected: 3.2(2l) Affected: 4.2(1j) Affected: 2.3(1p) Affected: 2.1(4a) Affected: 1.1(1n) Affected: 2.2(1n) Affected: 2.2(4p) Affected: 2.1(3j) Affected: 4.2(4i) Affected: 3.2(9h) Affected: 5.0(1k) Affected: 4.2(4k) Affected: 5.0(1l) Affected: 5.0(2e) Affected: 4.2(4o) Affected: 4.2(4p) Affected: 5.0(2h) Affected: 4.2(5k) Affected: 4.2(5l) Affected: 4.2(5n) Affected: 5.1(1h) Affected: 4.2(6d) Affected: 5.1(2e) Affected: 4.2(6g) Affected: 4.2(6h) Affected: 5.1(3e) Affected: 3.2(10e) Affected: 4.2(6l) Affected: 4.2(7f) Affected: 5.1(4c) Affected: 4.2(6o) Affected: 5.2(1g) Affected: 5.2(2e) Affected: 4.2(7l) Affected: 3.2(10f) Affected: 5.2(2f) Affected: 5.2(2g) Affected: 4.2(7q) Affected: 5.2(2h) Affected: 5.2(3f) Affected: 5.2(3e) Affected: 5.2(3g) Affected: 4.2(7r) Affected: 4.2(7s) Affected: 5.2(4d) Affected: 5.2(4e) Affected: 4.2(7t) Affected: 5.2(5d) Affected: 3.2(10g) Affected: 5.2(5c) Affected: 6.0(1g) Affected: 4.2(7u) Affected: 5.2(5e) Affected: 5.2(4f) Affected: 5.2(6e) Affected: 6.0(1j) Affected: 5.2(6g) Affected: 5.2(7f) Affected: 4.2(7v) Affected: 5.2(7g) Affected: 6.0(2h) Affected: 4.2(7w) Affected: 5.2(6h) Affected: 5.2(4h) Affected: 5.2(8d) Affected: 6.0(2j) Affected: 5.2(8e) Affected: 6.0(3d) Affected: 6.0(3e) Affected: 5.2(8f) Affected: 5.2(8g) Affected: 5.3(1d) Affected: 5.2(8h) Affected: 6.0(4c) Affected: 5.3(2a) Affected: 5.2(8i) Affected: 6.0(5h) Affected: 5.3(2b) Affected: 6.0(3g) Affected: 6.0(5j) |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-20279",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-28T17:54:46.155615Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-28T17:54:51.419Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco Application Policy Infrastructure Controller (APIC)",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "3.2(8d)"
},
{
"status": "affected",
"version": "2.2(1o)"
},
{
"status": "affected",
"version": "1.2(2h)"
},
{
"status": "affected",
"version": "2.2(2i)"
},
{
"status": "affected",
"version": "1.2(1k)"
},
{
"status": "affected",
"version": "2.2(1k)"
},
{
"status": "affected",
"version": "3.1(2m)"
},
{
"status": "affected",
"version": "3.2(1m)"
},
{
"status": "affected",
"version": "3.2(5e)"
},
{
"status": "affected",
"version": "4.1(2m)"
},
{
"status": "affected",
"version": "3.2(41d)"
},
{
"status": "affected",
"version": "1.1(1o)"
},
{
"status": "affected",
"version": "1.2(1m)"
},
{
"status": "affected",
"version": "1.2(2j)"
},
{
"status": "affected",
"version": "2.2(4r)"
},
{
"status": "affected",
"version": "2.2(3j)"
},
{
"status": "affected",
"version": "1.1(3f)"
},
{
"status": "affected",
"version": "2.2(2f)"
},
{
"status": "affected",
"version": "1.1(4m)"
},
{
"status": "affected",
"version": "2.2(2k)"
},
{
"status": "affected",
"version": "2.1(1i)"
},
{
"status": "affected",
"version": "2.0(1p)"
},
{
"status": "affected",
"version": "3.1(2p)"
},
{
"status": "affected",
"version": "3.2(3s)"
},
{
"status": "affected",
"version": "4.0(3c)"
},
{
"status": "affected",
"version": "1.1(4e)"
},
{
"status": "affected",
"version": "4.1(1k)"
},
{
"status": "affected",
"version": "2.2(4f)"
},
{
"status": "affected",
"version": "2.1(3h)"
},
{
"status": "affected",
"version": "3.2(4d)"
},
{
"status": "affected",
"version": "2.0(1n)"
},
{
"status": "affected",
"version": "2.0(1m)"
},
{
"status": "affected",
"version": "2.0(1r)"
},
{
"status": "affected",
"version": "2.1(2e)"
},
{
"status": "affected",
"version": "4.2(2e)"
},
{
"status": "affected",
"version": "4.2(3j)"
},
{
"status": "affected",
"version": "4.2(3n)"
},
{
"status": "affected",
"version": "2.0(1l)"
},
{
"status": "affected",
"version": "2.2(2e)"
},
{
"status": "affected",
"version": "2.2(3r)"
},
{
"status": "affected",
"version": "3.0(2k)"
},
{
"status": "affected",
"version": "2.1(3g)"
},
{
"status": "affected",
"version": "4.0(1h)"
},
{
"status": "affected",
"version": "2.0(1o)"
},
{
"status": "affected",
"version": "2.2(3p)"
},
{
"status": "affected",
"version": "1.2(3e)"
},
{
"status": "affected",
"version": "2.2(3s)"
},
{
"status": "affected",
"version": "2.0(2g)"
},
{
"status": "affected",
"version": "4.1(1l)"
},
{
"status": "affected",
"version": "3.2(9f)"
},
{
"status": "affected",
"version": "4.2(3l)"
},
{
"status": "affected",
"version": "4.2(2g)"
},
{
"status": "affected",
"version": "1.2(3c)"
},
{
"status": "affected",
"version": "3.2(7k)"
},
{
"status": "affected",
"version": "1.3(2h)"
},
{
"status": "affected",
"version": "3.2(9b)"
},
{
"status": "affected",
"version": "1.3(2k)"
},
{
"status": "affected",
"version": "3.1(2t)"
},
{
"status": "affected",
"version": "1.1(2h)"
},
{
"status": "affected",
"version": "3.2(3j)"
},
{
"status": "affected",
"version": "2.1(2k)"
},
{
"status": "affected",
"version": "2.3(1f)"
},
{
"status": "affected",
"version": "1.2(3h)"
},
{
"status": "affected",
"version": "3.0(1i)"
},
{
"status": "affected",
"version": "4.1(2u)"
},
{
"status": "affected",
"version": "4.2(1l)"
},
{
"status": "affected",
"version": "4.1(1a)"
},
{
"status": "affected",
"version": "4.0(3d)"
},
{
"status": "affected",
"version": "1.1(4l)"
},
{
"status": "affected",
"version": "2.3(1i)"
},
{
"status": "affected",
"version": "3.1(2q)"
},
{
"status": "affected",
"version": "3.2(4e)"
},
{
"status": "affected",
"version": "4.1(1i)"
},
{
"status": "affected",
"version": "3.1(1i)"
},
{
"status": "affected",
"version": "2.0(2m)"
},
{
"status": "affected",
"version": "3.0(2h)"
},
{
"status": "affected",
"version": "2.2(2q)"
},
{
"status": "affected",
"version": "2.3(1l)"
},
{
"status": "affected",
"version": "1.3(1h)"
},
{
"status": "affected",
"version": "3.0(2n)"
},
{
"status": "affected",
"version": "3.2(5f)"
},
{
"status": "affected",
"version": "1.2(1h)"
},
{
"status": "affected",
"version": "3.2(1l)"
},
{
"status": "affected",
"version": "4.2(1i)"
},
{
"status": "affected",
"version": "4.1(2o)"
},
{
"status": "affected",
"version": "1.2(1i)"
},
{
"status": "affected",
"version": "1.3(1j)"
},
{
"status": "affected",
"version": "2.1(1h)"
},
{
"status": "affected",
"version": "2.0(2l)"
},
{
"status": "affected",
"version": "2.0(2h)"
},
{
"status": "affected",
"version": "1.2(2g)"
},
{
"status": "affected",
"version": "3.0(1k)"
},
{
"status": "affected",
"version": "4.2(1g)"
},
{
"status": "affected",
"version": "2.1(2g)"
},
{
"status": "affected",
"version": "2.0(1q)"
},
{
"status": "affected",
"version": "1.1(1j)"
},
{
"status": "affected",
"version": "4.1(2g)"
},
{
"status": "affected",
"version": "1.1(1r)"
},
{
"status": "affected",
"version": "4.2(2f)"
},
{
"status": "affected",
"version": "3.2(6i)"
},
{
"status": "affected",
"version": "1.3(1g)"
},
{
"status": "affected",
"version": "1.3(2j)"
},
{
"status": "affected",
"version": "1.3(2i)"
},
{
"status": "affected",
"version": "2.0(2o)"
},
{
"status": "affected",
"version": "2.2(4q)"
},
{
"status": "affected",
"version": "2.3(1o)"
},
{
"status": "affected",
"version": "3.2(3i)"
},
{
"status": "affected",
"version": "2.2(2j)"
},
{
"status": "affected",
"version": "1.1(1d)"
},
{
"status": "affected",
"version": "2.0(2n)"
},
{
"status": "affected",
"version": "2.2(3t)"
},
{
"status": "affected",
"version": "3.2(3n)"
},
{
"status": "affected",
"version": "1.1(4g)"
},
{
"status": "affected",
"version": "4.1(2x)"
},
{
"status": "affected",
"version": "3.2(5d)"
},
{
"status": "affected",
"version": "3.1(2o)"
},
{
"status": "affected",
"version": "1.2(2i)"
},
{
"status": "affected",
"version": "2.1(2f)"
},
{
"status": "affected",
"version": "1.3(2f)"
},
{
"status": "affected",
"version": "4.2(3q)"
},
{
"status": "affected",
"version": "4.1(1j)"
},
{
"status": "affected",
"version": "2.0(2f)"
},
{
"status": "affected",
"version": "2.3(1e)"
},
{
"status": "affected",
"version": "1.1(1s)"
},
{
"status": "affected",
"version": "3.1(2v)"
},
{
"status": "affected",
"version": "4.1(2w)"
},
{
"status": "affected",
"version": "1.1(4i)"
},
{
"status": "affected",
"version": "3.1(2u)"
},
{
"status": "affected",
"version": "1.1(4f)"
},
{
"status": "affected",
"version": "3.0(2m)"
},
{
"status": "affected",
"version": "2.0(1k)"
},
{
"status": "affected",
"version": "3.2(2o)"
},
{
"status": "affected",
"version": "3.2(3r)"
},
{
"status": "affected",
"version": "1.1(2i)"
},
{
"status": "affected",
"version": "4.0(2c)"
},
{
"status": "affected",
"version": "1.3(1i)"
},
{
"status": "affected",
"version": "4.1(2s)"
},
{
"status": "affected",
"version": "3.2(7f)"
},
{
"status": "affected",
"version": "1.2(3m)"
},
{
"status": "affected",
"version": "3.2(3o)"
},
{
"status": "affected",
"version": "3.1(2s)"
},
{
"status": "affected",
"version": "3.2(2l)"
},
{
"status": "affected",
"version": "4.2(1j)"
},
{
"status": "affected",
"version": "2.3(1p)"
},
{
"status": "affected",
"version": "2.1(4a)"
},
{
"status": "affected",
"version": "1.1(1n)"
},
{
"status": "affected",
"version": "2.2(1n)"
},
{
"status": "affected",
"version": "2.2(4p)"
},
{
"status": "affected",
"version": "2.1(3j)"
},
{
"status": "affected",
"version": "4.2(4i)"
},
{
"status": "affected",
"version": "3.2(9h)"
},
{
"status": "affected",
"version": "5.0(1k)"
},
{
"status": "affected",
"version": "4.2(4k)"
},
{
"status": "affected",
"version": "5.0(1l)"
},
{
"status": "affected",
"version": "5.0(2e)"
},
{
"status": "affected",
"version": "4.2(4o)"
},
{
"status": "affected",
"version": "4.2(4p)"
},
{
"status": "affected",
"version": "5.0(2h)"
},
{
"status": "affected",
"version": "4.2(5k)"
},
{
"status": "affected",
"version": "4.2(5l)"
},
{
"status": "affected",
"version": "4.2(5n)"
},
{
"status": "affected",
"version": "5.1(1h)"
},
{
"status": "affected",
"version": "4.2(6d)"
},
{
"status": "affected",
"version": "5.1(2e)"
},
{
"status": "affected",
"version": "4.2(6g)"
},
{
"status": "affected",
"version": "4.2(6h)"
},
{
"status": "affected",
"version": "5.1(3e)"
},
{
"status": "affected",
"version": "3.2(10e)"
},
{
"status": "affected",
"version": "4.2(6l)"
},
{
"status": "affected",
"version": "4.2(7f)"
},
{
"status": "affected",
"version": "5.1(4c)"
},
{
"status": "affected",
"version": "4.2(6o)"
},
{
"status": "affected",
"version": "5.2(1g)"
},
{
"status": "affected",
"version": "5.2(2e)"
},
{
"status": "affected",
"version": "4.2(7l)"
},
{
"status": "affected",
"version": "3.2(10f)"
},
{
"status": "affected",
"version": "5.2(2f)"
},
{
"status": "affected",
"version": "5.2(2g)"
},
{
"status": "affected",
"version": "4.2(7q)"
},
{
"status": "affected",
"version": "5.2(2h)"
},
{
"status": "affected",
"version": "5.2(3f)"
},
{
"status": "affected",
"version": "5.2(3e)"
},
{
"status": "affected",
"version": "5.2(3g)"
},
{
"status": "affected",
"version": "4.2(7r)"
},
{
"status": "affected",
"version": "4.2(7s)"
},
{
"status": "affected",
"version": "5.2(4d)"
},
{
"status": "affected",
"version": "5.2(4e)"
},
{
"status": "affected",
"version": "4.2(7t)"
},
{
"status": "affected",
"version": "5.2(5d)"
},
{
"status": "affected",
"version": "3.2(10g)"
},
{
"status": "affected",
"version": "5.2(5c)"
},
{
"status": "affected",
"version": "6.0(1g)"
},
{
"status": "affected",
"version": "4.2(7u)"
},
{
"status": "affected",
"version": "5.2(5e)"
},
{
"status": "affected",
"version": "5.2(4f)"
},
{
"status": "affected",
"version": "5.2(6e)"
},
{
"status": "affected",
"version": "6.0(1j)"
},
{
"status": "affected",
"version": "5.2(6g)"
},
{
"status": "affected",
"version": "5.2(7f)"
},
{
"status": "affected",
"version": "4.2(7v)"
},
{
"status": "affected",
"version": "5.2(7g)"
},
{
"status": "affected",
"version": "6.0(2h)"
},
{
"status": "affected",
"version": "4.2(7w)"
},
{
"status": "affected",
"version": "5.2(6h)"
},
{
"status": "affected",
"version": "5.2(4h)"
},
{
"status": "affected",
"version": "5.2(8d)"
},
{
"status": "affected",
"version": "6.0(2j)"
},
{
"status": "affected",
"version": "5.2(8e)"
},
{
"status": "affected",
"version": "6.0(3d)"
},
{
"status": "affected",
"version": "6.0(3e)"
},
{
"status": "affected",
"version": "5.2(8f)"
},
{
"status": "affected",
"version": "5.2(8g)"
},
{
"status": "affected",
"version": "5.3(1d)"
},
{
"status": "affected",
"version": "5.2(8h)"
},
{
"status": "affected",
"version": "6.0(4c)"
},
{
"status": "affected",
"version": "5.3(2a)"
},
{
"status": "affected",
"version": "5.2(8i)"
},
{
"status": "affected",
"version": "6.0(5h)"
},
{
"status": "affected",
"version": "5.3(2b)"
},
{
"status": "affected",
"version": "6.0(3g)"
},
{
"status": "affected",
"version": "6.0(5j)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the restricted security domain implementation of Cisco Application Policy Infrastructure Controller (APIC) could allow an authenticated, remote attacker to modify the behavior of default system policies, such as quality of service (QoS) policies, on an affected system.\u0026nbsp;This vulnerability is due to improper access control when restricted security domains are used to implement multi-tenancy. An attacker with a valid user account associated with a restricted security domain could exploit this vulnerability. A successful exploit could allow the attacker to read, modify, or delete child policies created under default system policies, which are implicitly used by all tenants in the fabric, resulting in disruption of network traffic. Exploitation is not possible for policies under tenants that an attacker has no authorization to access."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "Improper Access Control",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-28T16:19:08.343Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-apic-cousmo-uBpBYGbq",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apic-cousmo-uBpBYGbq"
}
],
"source": {
"advisory": "cisco-sa-apic-cousmo-uBpBYGbq",
"defects": [
"CSCwe67288"
],
"discovery": "INTERNAL"
},
"title": "Cisco Application Policy Infrastructure Controller Unauthorized Policy Actions Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2024-20279",
"datePublished": "2024-08-28T16:19:08.343Z",
"dateReserved": "2023-11-08T15:08:07.625Z",
"dateUpdated": "2024-08-28T17:54:51.419Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-20478 (GCVE-0-2024-20478)
Vulnerability from cvelistv5 – Published: 2024-08-28 16:30 – Updated: 2024-09-06 14:11
VLAI?
EPSS
Summary
A vulnerability in the software upgrade component of Cisco Application Policy Infrastructure Controller (APIC) and Cisco Cloud Network Controller, formerly Cisco Cloud APIC, could allow an authenticated, remote attacker with Administrator-level privileges to install a modified software image, leading to arbitrary code injection on an affected system.
This vulnerability is due to insufficient signature validation of software images. An attacker could exploit this vulnerability by installing a modified software image. A successful exploit could allow the attacker to execute arbitrary code on the affected system and elevate their privileges to root.
Note: Administrators should always validate the hash of any upgrade image before uploading it to Cisco APIC and Cisco Cloud Network Controller.
Severity ?
6.5 (Medium)
CWE
- CWE-250 - Execution with Unnecessary Privileges
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Application Policy Infrastructure Controller (APIC) |
Affected:
3.2(8d)
Affected: 2.2(1o) Affected: 1.2(2h) Affected: 2.2(2i) Affected: 1.2(1k) Affected: 2.2(1k) Affected: 3.1(2m) Affected: 3.2(1m) Affected: 3.2(5e) Affected: 4.1(2m) Affected: 3.2(41d) Affected: 1.1(1o) Affected: 1.2(1m) Affected: 1.2(2j) Affected: 2.2(4r) Affected: 2.2(3j) Affected: 1.1(3f) Affected: 2.2(2f) Affected: 1.1(4m) Affected: 2.2(2k) Affected: 2.1(1i) Affected: 2.0(1p) Affected: 3.1(2p) Affected: 3.2(3s) Affected: 4.0(3c) Affected: 1.1(4e) Affected: 4.1(1k) Affected: 2.2(4f) Affected: 2.1(3h) Affected: 3.2(4d) Affected: 2.0(1n) Affected: 2.0(1m) Affected: 2.0(1r) Affected: 2.1(2e) Affected: 4.2(2e) Affected: 4.2(3j) Affected: 4.2(3n) Affected: 2.0(1l) Affected: 2.2(2e) Affected: 2.2(3r) Affected: 3.0(2k) Affected: 2.1(3g) Affected: 4.0(1h) Affected: 2.0(1o) Affected: 2.2(3p) Affected: 1.2(3e) Affected: 2.2(3s) Affected: 2.0(2g) Affected: 4.1(1l) Affected: 3.2(9f) Affected: 4.2(3l) Affected: 4.2(2g) Affected: 1.2(3c) Affected: 3.2(7k) Affected: 1.3(2h) Affected: 3.2(9b) Affected: 1.3(2k) Affected: 3.1(2t) Affected: 1.1(2h) Affected: 3.2(3j) Affected: 2.1(2k) Affected: 2.3(1f) Affected: 1.2(3h) Affected: 3.0(1i) Affected: 4.1(2u) Affected: 4.2(1l) Affected: 4.1(1a) Affected: 4.0(3d) Affected: 1.1(4l) Affected: 2.3(1i) Affected: 3.1(2q) Affected: 3.2(4e) Affected: 4.1(1i) Affected: 3.1(1i) Affected: 2.0(2m) Affected: 3.0(2h) Affected: 2.2(2q) Affected: 2.3(1l) Affected: 1.3(1h) Affected: 3.0(2n) Affected: 3.2(5f) Affected: 1.2(1h) Affected: 3.2(1l) Affected: 4.2(1i) Affected: 4.1(2o) Affected: 1.2(1i) Affected: 1.3(1j) Affected: 2.1(1h) Affected: 2.0(2l) Affected: 2.0(2h) Affected: 1.2(2g) Affected: 3.0(1k) Affected: 4.2(1g) Affected: 2.1(2g) Affected: 2.0(1q) Affected: 1.1(1j) Affected: 4.1(2g) Affected: 1.1(1r) Affected: 4.2(2f) Affected: 3.2(6i) Affected: 1.3(1g) Affected: 1.3(2j) Affected: 1.3(2i) Affected: 2.0(2o) Affected: 2.2(4q) Affected: 2.3(1o) Affected: 3.2(3i) Affected: 2.2(2j) Affected: 1.1(1d) Affected: 2.0(2n) Affected: 2.2(3t) Affected: 3.2(3n) Affected: 1.1(4g) Affected: 4.1(2x) Affected: 3.2(5d) Affected: 3.1(2o) Affected: 1.2(2i) Affected: 2.1(2f) Affected: 1.3(2f) Affected: 4.2(3q) Affected: 4.1(1j) Affected: 2.0(2f) Affected: 2.3(1e) Affected: 1.1(1s) Affected: 3.1(2v) Affected: 4.1(2w) Affected: 1.1(4i) Affected: 3.1(2u) Affected: 1.1(4f) Affected: 3.0(2m) Affected: 2.0(1k) Affected: 3.2(2o) Affected: 3.2(3r) Affected: 1.1(2i) Affected: 4.0(2c) Affected: 1.3(1i) Affected: 4.1(2s) Affected: 3.2(7f) Affected: 1.2(3m) Affected: 3.2(3o) Affected: 3.1(2s) Affected: 3.2(2l) Affected: 4.2(1j) Affected: 2.3(1p) Affected: 2.1(4a) Affected: 1.1(1n) Affected: 2.2(1n) Affected: 2.2(4p) Affected: 2.1(3j) Affected: 4.2(4i) Affected: 3.2(9h) Affected: 5.0(1k) Affected: 4.2(4k) Affected: 5.0(1l) Affected: 5.0(2e) Affected: 4.2(4o) Affected: 4.2(4p) Affected: 5.0(2h) Affected: 4.2(5k) Affected: 4.2(5l) Affected: 4.2(5n) Affected: 5.1(1h) Affected: 4.2(6d) Affected: 5.1(2e) Affected: 4.2(6g) Affected: 4.2(6h) Affected: 5.1(3e) Affected: 3.2(10e) Affected: 4.2(6l) Affected: 4.2(7f) Affected: 5.1(4c) Affected: 4.2(6o) Affected: 5.2(1g) Affected: 5.2(2e) Affected: 4.2(7l) Affected: 3.2(10f) Affected: 5.2(2f) Affected: 5.2(2g) Affected: 4.2(7q) Affected: 5.2(2h) Affected: 5.2(3f) Affected: 5.2(3e) Affected: 5.2(3g) Affected: 4.2(7r) Affected: 4.2(7s) Affected: 5.2(4d) Affected: 5.2(4e) Affected: 4.2(7t) Affected: 5.2(5d) Affected: 3.2(10g) Affected: 5.2(5c) Affected: 6.0(1g) Affected: 4.2(7u) Affected: 5.2(5e) Affected: 5.2(4f) Affected: 5.2(6e) Affected: 6.0(1j) Affected: 5.2(6g) Affected: 5.2(7f) Affected: 4.2(7v) Affected: 5.2(7g) Affected: 6.0(2h) Affected: 4.2(7w) Affected: 5.2(6h) Affected: 5.2(4h) Affected: 5.2(8d) Affected: 6.0(2j) Affected: 5.2(8e) Affected: 6.0(3d) Affected: 6.0(3e) Affected: 5.2(8f) Affected: 5.2(8g) Affected: 5.3(1d) Affected: 5.2(8h) Affected: 6.0(4c) Affected: 5.3(2a) Affected: 5.2(8i) Affected: 6.0(5h) Affected: 5.3(2b) Affected: 6.0(3g) Affected: 6.0(5j) Affected: 5.3(2c) |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.2\\(8d\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.2\\(1o\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:1.2\\(2h\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.2\\(2i\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:1.2\\(1k\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.2\\(1k\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.1\\(2m\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.2\\(1m\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.2\\(5e\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.1\\(2m\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.2\\(41d\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:1.1\\(1o\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:1.2\\(1m\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:1.2\\(2j\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.2\\(4r\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.2\\(3j\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:1.1\\(3f\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.2\\(2f\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:1.1\\(4m\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.2\\(2k\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.1\\(1i\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.0\\(1p\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.1\\(2p\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.2\\(3s\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.0\\(3c\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:1.1\\(4e\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.1\\(1k\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.2\\(4f\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.1\\(3h\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.2\\(4d\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.0\\(1n\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.0\\(1m\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.0\\(1r\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.1\\(2e\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\\(2e\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\\(3j\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\\(3n\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.0\\(1l\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.2\\(2e\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.2\\(3r\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.0\\(2k\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.1\\(3g\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.0\\(1h\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.0\\(1o\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.2\\(3p\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:1.2\\(3e\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.2\\(3s\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.0\\(2g\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.1\\(1l\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.2\\(9f\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\\(3l\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\\(2g\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:1.2\\(3c\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.2\\(7k\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:1.3\\(2h\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.2\\(9b\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:1.3\\(2k\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.1\\(2t\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:1.1\\(2h\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.2\\(3j\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.1\\(2k\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.3\\(1f\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:1.2\\(3h\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.0\\(1i\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.1\\(2u\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\\(1l\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.1\\(1a\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.0\\(3d\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:1.1\\(4l\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.3\\(1i\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.1\\(2q\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.2\\(4e\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.1\\(1i\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.1\\(1i\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.0\\(2m\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.0\\(2h\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.2\\(2q\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.3\\(1l\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:1.3\\(1h\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.0\\(2n\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.2\\(5f\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:1.2\\(1h\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.2\\(1l\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\\(1i\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.1\\(2o\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:1.2\\(1i\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:1.3\\(1j\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.1\\(1h\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.0\\(2l\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.0\\(2h\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:1.2\\(2g\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.0\\(1k\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\\(1g\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.1\\(2g\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.0\\(1q\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:1.1\\(1j\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.1\\(2g\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:1.1\\(1r\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\\(2f\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.2\\(6i\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:1.3\\(1g\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:1.3\\(2j\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:1.3\\(2i\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.0\\(2o\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.2\\(4q\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.3\\(1o\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.2\\(3i\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.2\\(2j\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:1.1\\(1d\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.0\\(2n\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.2\\(3t\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.2\\(3n\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:1.1\\(4g\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.1\\(2x\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.2\\(5d\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.1\\(2o\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:1.2\\(2i\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.1\\(2f\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:1.3\\(2f\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\\(3q\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.1\\(1j\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.0\\(2f\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.3\\(1e\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:1.1\\(1s\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.1\\(2v\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.1\\(2w\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:1.1\\(4i\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.1\\(2u\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:1.1\\(4f\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.0\\(2m\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.0\\(1k\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.2\\(2o\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.2\\(3r\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:1.1\\(2i\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.0\\(2c\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:1.3\\(1i\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.1\\(2s\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.2\\(7f\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:1.2\\(3m\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.2\\(3o\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.1\\(2s\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.2\\(2l\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\\(1j\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.3\\(1p\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.1\\(4a\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:1.1\\(1n\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.2\\(1n\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.2\\(4p\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:2.1\\(3j\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\\(4i\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.2\\(9h\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.0\\(1k\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\\(4k\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.0\\(1l\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.0\\(2e\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\\(4o\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\\(4p\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.0\\(2h\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\\(5k\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\\(5l\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\\(5n\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.1\\(1h\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\\(6d\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.1\\(2e\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\\(6g\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\\(6h\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.1\\(3e\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.2\\(10e\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\\(6l\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\\(7f\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.1\\(4c\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\\(6o\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.2\\(1g\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.2\\(2e\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\\(7l\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.2\\(10f\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.2\\(2f\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.2\\(2g\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\\(7q\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.2\\(2h\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.2\\(3f\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.2\\(3e\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.2\\(3g\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\\(7r\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\\(7s\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.2\\(4d\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.2\\(4e\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\\(7t\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.2\\(5d\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.2\\(10g\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.2\\(5c\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:6.0\\(1g\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\\(7u\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.2\\(5e\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.2\\(4f\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.2\\(6e\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:6.0\\(1j\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.2\\(6g\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.2\\(7f\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\\(7v\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.2\\(7g\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:6.0\\(2h\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\\(7w\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.2\\(6h\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.2\\(4h\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.2\\(8d\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:6.0\\(2j\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.2\\(8e\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:6.0\\(3d\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:6.0\\(3e\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.2\\(8f\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.2\\(8g\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.3\\(1d\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.2\\(8h\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:6.0\\(4c\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.3\\(2a\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.2\\(8i\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:6.0\\(5h\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.3\\(2b\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:6.0\\(3g\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:6.0\\(5j\\):*:*:*:*:*:*:*",
"cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.3\\(2c\\):*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "application_policy_infrastructure_controller",
"vendor": "cisco",
"versions": [
{
"status": "affected",
"version": "3.2\\(8d\\)"
},
{
"status": "affected",
"version": "2.2\\(1o\\)"
},
{
"status": "affected",
"version": "1.2\\(2h\\)"
},
{
"status": "affected",
"version": "2.2\\(2i\\)"
},
{
"status": "affected",
"version": "1.2\\(1k\\)"
},
{
"status": "affected",
"version": "2.2\\(1k\\)"
},
{
"status": "affected",
"version": "3.1\\(2m\\)"
},
{
"status": "affected",
"version": "3.2\\(1m\\)"
},
{
"status": "affected",
"version": "3.2\\(5e\\)"
},
{
"status": "affected",
"version": "4.1\\(2m\\)"
},
{
"status": "affected",
"version": "3.2\\(41d\\)"
},
{
"status": "affected",
"version": "1.1\\(1o\\)"
},
{
"status": "affected",
"version": "1.2\\(1m\\)"
},
{
"status": "affected",
"version": "1.2\\(2j\\)"
},
{
"status": "affected",
"version": "2.2\\(4r\\)"
},
{
"status": "affected",
"version": "2.2\\(3j\\)"
},
{
"status": "affected",
"version": "1.1\\(3f\\)"
},
{
"status": "affected",
"version": "2.2\\(2f\\)"
},
{
"status": "affected",
"version": "1.1\\(4m\\)"
},
{
"status": "affected",
"version": "2.2\\(2k\\)"
},
{
"status": "affected",
"version": "2.1\\(1i\\)"
},
{
"status": "affected",
"version": "2.0\\(1p\\)"
},
{
"status": "affected",
"version": "3.1\\(2p\\)"
},
{
"status": "affected",
"version": "3.2\\(3s\\)"
},
{
"status": "affected",
"version": "4.0\\(3c\\)"
},
{
"status": "affected",
"version": "1.1\\(4e\\)"
},
{
"status": "affected",
"version": "4.1\\(1k\\)"
},
{
"status": "affected",
"version": "2.2\\(4f\\)"
},
{
"status": "affected",
"version": "2.1\\(3h\\)"
},
{
"status": "affected",
"version": "3.2\\(4d\\)"
},
{
"status": "affected",
"version": "2.0\\(1n\\)"
},
{
"status": "affected",
"version": "2.0\\(1m\\)"
},
{
"status": "affected",
"version": "2.0\\(1r\\)"
},
{
"status": "affected",
"version": "2.1\\(2e\\)"
},
{
"status": "affected",
"version": "4.2\\(2e\\)"
},
{
"status": "affected",
"version": "4.2\\(3j\\)"
},
{
"status": "affected",
"version": "4.2\\(3n\\)"
},
{
"status": "affected",
"version": "2.0\\(1l\\)"
},
{
"status": "affected",
"version": "2.2\\(2e\\)"
},
{
"status": "affected",
"version": "2.2\\(3r\\)"
},
{
"status": "affected",
"version": "3.0\\(2k\\)"
},
{
"status": "affected",
"version": "2.1\\(3g\\)"
},
{
"status": "affected",
"version": "4.0\\(1h\\)"
},
{
"status": "affected",
"version": "2.0\\(1o\\)"
},
{
"status": "affected",
"version": "2.2\\(3p\\)"
},
{
"status": "affected",
"version": "1.2\\(3e\\)"
},
{
"status": "affected",
"version": "2.2\\(3s\\)"
},
{
"status": "affected",
"version": "2.0\\(2g\\)"
},
{
"status": "affected",
"version": "4.1\\(1l\\)"
},
{
"status": "affected",
"version": "3.2\\(9f\\)"
},
{
"status": "affected",
"version": "4.2\\(3l\\)"
},
{
"status": "affected",
"version": "4.2\\(2g\\)"
},
{
"status": "affected",
"version": "1.2\\(3c\\)"
},
{
"status": "affected",
"version": "3.2\\(7k\\)"
},
{
"status": "affected",
"version": "1.3\\(2h\\)"
},
{
"status": "affected",
"version": "3.2\\(9b\\)"
},
{
"status": "affected",
"version": "1.3\\(2k\\)"
},
{
"status": "affected",
"version": "3.1\\(2t\\)"
},
{
"status": "affected",
"version": "1.1\\(2h\\)"
},
{
"status": "affected",
"version": "3.2\\(3j\\)"
},
{
"status": "affected",
"version": "2.1\\(2k\\)"
},
{
"status": "affected",
"version": "2.3\\(1f\\)"
},
{
"status": "affected",
"version": "1.2\\(3h\\)"
},
{
"status": "affected",
"version": "3.0\\(1i\\)"
},
{
"status": "affected",
"version": "4.1\\(2u\\)"
},
{
"status": "affected",
"version": "4.2\\(1l\\)"
},
{
"status": "affected",
"version": "4.1\\(1a\\)"
},
{
"status": "affected",
"version": "4.0\\(3d\\)"
},
{
"status": "affected",
"version": "1.1\\(4l\\)"
},
{
"status": "affected",
"version": "2.3\\(1i\\)"
},
{
"status": "affected",
"version": "3.1\\(2q\\)"
},
{
"status": "affected",
"version": "3.2\\(4e\\)"
},
{
"status": "affected",
"version": "4.1\\(1i\\)"
},
{
"status": "affected",
"version": "3.1\\(1i\\)"
},
{
"status": "affected",
"version": "2.0\\(2m\\)"
},
{
"status": "affected",
"version": "3.0\\(2h\\)"
},
{
"status": "affected",
"version": "2.2\\(2q\\)"
},
{
"status": "affected",
"version": "2.3\\(1l\\)"
},
{
"status": "affected",
"version": "1.3\\(1h\\)"
},
{
"status": "affected",
"version": "3.0\\(2n\\)"
},
{
"status": "affected",
"version": "3.2\\(5f\\)"
},
{
"status": "affected",
"version": "1.2\\(1h\\)"
},
{
"status": "affected",
"version": "3.2\\(1l\\)"
},
{
"status": "affected",
"version": "4.2\\(1i\\)"
},
{
"status": "affected",
"version": "4.1\\(2o\\)"
},
{
"status": "affected",
"version": "1.2\\(1i\\)"
},
{
"status": "affected",
"version": "1.3\\(1j\\)"
},
{
"status": "affected",
"version": "2.1\\(1h\\)"
},
{
"status": "affected",
"version": "2.0\\(2l\\)"
},
{
"status": "affected",
"version": "2.0\\(2h\\)"
},
{
"status": "affected",
"version": "1.2\\(2g\\)"
},
{
"status": "affected",
"version": "3.0\\(1k\\)"
},
{
"status": "affected",
"version": "4.2\\(1g\\)"
},
{
"status": "affected",
"version": "2.1\\(2g\\)"
},
{
"status": "affected",
"version": "2.0\\(1q\\)"
},
{
"status": "affected",
"version": "1.1\\(1j\\)"
},
{
"status": "affected",
"version": "4.1\\(2g\\)"
},
{
"status": "affected",
"version": "1.1\\(1r\\)"
},
{
"status": "affected",
"version": "4.2\\(2f\\)"
},
{
"status": "affected",
"version": "3.2\\(6i\\)"
},
{
"status": "affected",
"version": "1.3\\(1g\\)"
},
{
"status": "affected",
"version": "1.3\\(2j\\)"
},
{
"status": "affected",
"version": "1.3\\(2i\\)"
},
{
"status": "affected",
"version": "2.0\\(2o\\)"
},
{
"status": "affected",
"version": "2.2\\(4q\\)"
},
{
"status": "affected",
"version": "2.3\\(1o\\)"
},
{
"status": "affected",
"version": "3.2\\(3i\\)"
},
{
"status": "affected",
"version": "2.2\\(2j\\)"
},
{
"status": "affected",
"version": "1.1\\(1d\\)"
},
{
"status": "affected",
"version": "2.0\\(2n\\)"
},
{
"status": "affected",
"version": "2.2\\(3t\\)"
},
{
"status": "affected",
"version": "3.2\\(3n\\)"
},
{
"status": "affected",
"version": "1.1\\(4g\\)"
},
{
"status": "affected",
"version": "4.1\\(2x\\)"
},
{
"status": "affected",
"version": "3.2\\(5d\\)"
},
{
"status": "affected",
"version": "3.1\\(2o\\)"
},
{
"status": "affected",
"version": "1.2\\(2i\\)"
},
{
"status": "affected",
"version": "2.1\\(2f\\)"
},
{
"status": "affected",
"version": "1.3\\(2f\\)"
},
{
"status": "affected",
"version": "4.2\\(3q\\)"
},
{
"status": "affected",
"version": "4.1\\(1j\\)"
},
{
"status": "affected",
"version": "2.0\\(2f\\)"
},
{
"status": "affected",
"version": "2.3\\(1e\\)"
},
{
"status": "affected",
"version": "1.1\\(1s\\)"
},
{
"status": "affected",
"version": "3.1\\(2v\\)"
},
{
"status": "affected",
"version": "4.1\\(2w\\)"
},
{
"status": "affected",
"version": "1.1\\(4i\\)"
},
{
"status": "affected",
"version": "3.1\\(2u\\)"
},
{
"status": "affected",
"version": "1.1\\(4f\\)"
},
{
"status": "affected",
"version": "3.0\\(2m\\)"
},
{
"status": "affected",
"version": "2.0\\(1k\\)"
},
{
"status": "affected",
"version": "3.2\\(2o\\)"
},
{
"status": "affected",
"version": "3.2\\(3r\\)"
},
{
"status": "affected",
"version": "1.1\\(2i\\)"
},
{
"status": "affected",
"version": "4.0\\(2c\\)"
},
{
"status": "affected",
"version": "1.3\\(1i\\)"
},
{
"status": "affected",
"version": "4.1\\(2s\\)"
},
{
"status": "affected",
"version": "3.2\\(7f\\)"
},
{
"status": "affected",
"version": "1.2\\(3m\\)"
},
{
"status": "affected",
"version": "3.2\\(3o\\)"
},
{
"status": "affected",
"version": "3.1\\(2s\\)"
},
{
"status": "affected",
"version": "3.2\\(2l\\)"
},
{
"status": "affected",
"version": "4.2\\(1j\\)"
},
{
"status": "affected",
"version": "2.3\\(1p\\)"
},
{
"status": "affected",
"version": "2.1\\(4a\\)"
},
{
"status": "affected",
"version": "1.1\\(1n\\)"
},
{
"status": "affected",
"version": "2.2\\(1n\\)"
},
{
"status": "affected",
"version": "2.2\\(4p\\)"
},
{
"status": "affected",
"version": "2.1\\(3j\\)"
},
{
"status": "affected",
"version": "4.2\\(4i\\)"
},
{
"status": "affected",
"version": "3.2\\(9h\\)"
},
{
"status": "affected",
"version": "5.0\\(1k\\)"
},
{
"status": "affected",
"version": "4.2\\(4k\\)"
},
{
"status": "affected",
"version": "5.0\\(1l\\)"
},
{
"status": "affected",
"version": "5.0\\(2e\\)"
},
{
"status": "affected",
"version": "4.2\\(4o\\)"
},
{
"status": "affected",
"version": "4.2\\(4p\\)"
},
{
"status": "affected",
"version": "5.0\\(2h\\)"
},
{
"status": "affected",
"version": "4.2\\(5k\\)"
},
{
"status": "affected",
"version": "4.2\\(5l\\)"
},
{
"status": "affected",
"version": "4.2\\(5n\\)"
},
{
"status": "affected",
"version": "5.1\\(1h\\)"
},
{
"status": "affected",
"version": "4.2\\(6d\\)"
},
{
"status": "affected",
"version": "5.1\\(2e\\)"
},
{
"status": "affected",
"version": "4.2\\(6g\\)"
},
{
"status": "affected",
"version": "4.2\\(6h\\)"
},
{
"status": "affected",
"version": "5.1\\(3e\\)"
},
{
"status": "affected",
"version": "3.2\\(10e\\)"
},
{
"status": "affected",
"version": "4.2\\(6l\\)"
},
{
"status": "affected",
"version": "4.2\\(7f\\)"
},
{
"status": "affected",
"version": "5.1\\(4c\\)"
},
{
"status": "affected",
"version": "4.2\\(6o\\)"
},
{
"status": "affected",
"version": "5.2\\(1g\\)"
},
{
"status": "affected",
"version": "5.2\\(2e\\)"
},
{
"status": "affected",
"version": "4.2\\(7l\\)"
},
{
"status": "affected",
"version": "3.2\\(10f\\)"
},
{
"status": "affected",
"version": "5.2\\(2f\\)"
},
{
"status": "affected",
"version": "5.2\\(2g\\)"
},
{
"status": "affected",
"version": "4.2\\(7q\\)"
},
{
"status": "affected",
"version": "5.2\\(2h\\)"
},
{
"status": "affected",
"version": "5.2\\(3f\\)"
},
{
"status": "affected",
"version": "5.2\\(3e\\)"
},
{
"status": "affected",
"version": "5.2\\(3g\\)"
},
{
"status": "affected",
"version": "4.2\\(7r\\)"
},
{
"status": "affected",
"version": "4.2\\(7s\\)"
},
{
"status": "affected",
"version": "5.2\\(4d\\)"
},
{
"status": "affected",
"version": "5.2\\(4e\\)"
},
{
"status": "affected",
"version": "4.2\\(7t\\)"
},
{
"status": "affected",
"version": "5.2\\(5d\\)"
},
{
"status": "affected",
"version": "3.2\\(10g\\)"
},
{
"status": "affected",
"version": "5.2\\(5c\\)"
},
{
"status": "affected",
"version": "6.0\\(1g\\)"
},
{
"status": "affected",
"version": "4.2\\(7u\\)"
},
{
"status": "affected",
"version": "5.2\\(5e\\)"
},
{
"status": "affected",
"version": "5.2\\(4f\\)"
},
{
"status": "affected",
"version": "5.2\\(6e\\)"
},
{
"status": "affected",
"version": "6.0\\(1j\\)"
},
{
"status": "affected",
"version": "5.2\\(6g\\)"
},
{
"status": "affected",
"version": "5.2\\(7f\\)"
},
{
"status": "affected",
"version": "4.2\\(7v\\)"
},
{
"status": "affected",
"version": "5.2\\(7g\\)"
},
{
"status": "affected",
"version": "6.0\\(2h\\)"
},
{
"status": "affected",
"version": "4.2\\(7w\\)"
},
{
"status": "affected",
"version": "5.2\\(6h\\)"
},
{
"status": "affected",
"version": "5.2\\(4h\\)"
},
{
"status": "affected",
"version": "5.2\\(8d\\)"
},
{
"status": "affected",
"version": "6.0\\(2j\\)"
},
{
"status": "affected",
"version": "5.2\\(8e\\)"
},
{
"status": "affected",
"version": "6.0\\(3d\\)"
},
{
"status": "affected",
"version": "6.0\\(3e\\)"
},
{
"status": "affected",
"version": "5.2\\(8f\\)"
},
{
"status": "affected",
"version": "5.2\\(8g\\)"
},
{
"status": "affected",
"version": "5.3\\(1d\\)"
},
{
"status": "affected",
"version": "5.2\\(8h\\)"
},
{
"status": "affected",
"version": "6.0\\(4c\\)"
},
{
"status": "affected",
"version": "5.3\\(2a\\)"
},
{
"status": "affected",
"version": "5.2\\(8i\\)"
},
{
"status": "affected",
"version": "6.0\\(5h\\)"
},
{
"status": "affected",
"version": "5.3\\(2b\\)"
},
{
"status": "affected",
"version": "6.0\\(3g\\)"
},
{
"status": "affected",
"version": "6.0\\(5j\\)"
},
{
"status": "affected",
"version": "5.3\\(2c\\)"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-20478",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-30T03:56:06.255702Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-06T14:11:08.951Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco Application Policy Infrastructure Controller (APIC)",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "3.2(8d)"
},
{
"status": "affected",
"version": "2.2(1o)"
},
{
"status": "affected",
"version": "1.2(2h)"
},
{
"status": "affected",
"version": "2.2(2i)"
},
{
"status": "affected",
"version": "1.2(1k)"
},
{
"status": "affected",
"version": "2.2(1k)"
},
{
"status": "affected",
"version": "3.1(2m)"
},
{
"status": "affected",
"version": "3.2(1m)"
},
{
"status": "affected",
"version": "3.2(5e)"
},
{
"status": "affected",
"version": "4.1(2m)"
},
{
"status": "affected",
"version": "3.2(41d)"
},
{
"status": "affected",
"version": "1.1(1o)"
},
{
"status": "affected",
"version": "1.2(1m)"
},
{
"status": "affected",
"version": "1.2(2j)"
},
{
"status": "affected",
"version": "2.2(4r)"
},
{
"status": "affected",
"version": "2.2(3j)"
},
{
"status": "affected",
"version": "1.1(3f)"
},
{
"status": "affected",
"version": "2.2(2f)"
},
{
"status": "affected",
"version": "1.1(4m)"
},
{
"status": "affected",
"version": "2.2(2k)"
},
{
"status": "affected",
"version": "2.1(1i)"
},
{
"status": "affected",
"version": "2.0(1p)"
},
{
"status": "affected",
"version": "3.1(2p)"
},
{
"status": "affected",
"version": "3.2(3s)"
},
{
"status": "affected",
"version": "4.0(3c)"
},
{
"status": "affected",
"version": "1.1(4e)"
},
{
"status": "affected",
"version": "4.1(1k)"
},
{
"status": "affected",
"version": "2.2(4f)"
},
{
"status": "affected",
"version": "2.1(3h)"
},
{
"status": "affected",
"version": "3.2(4d)"
},
{
"status": "affected",
"version": "2.0(1n)"
},
{
"status": "affected",
"version": "2.0(1m)"
},
{
"status": "affected",
"version": "2.0(1r)"
},
{
"status": "affected",
"version": "2.1(2e)"
},
{
"status": "affected",
"version": "4.2(2e)"
},
{
"status": "affected",
"version": "4.2(3j)"
},
{
"status": "affected",
"version": "4.2(3n)"
},
{
"status": "affected",
"version": "2.0(1l)"
},
{
"status": "affected",
"version": "2.2(2e)"
},
{
"status": "affected",
"version": "2.2(3r)"
},
{
"status": "affected",
"version": "3.0(2k)"
},
{
"status": "affected",
"version": "2.1(3g)"
},
{
"status": "affected",
"version": "4.0(1h)"
},
{
"status": "affected",
"version": "2.0(1o)"
},
{
"status": "affected",
"version": "2.2(3p)"
},
{
"status": "affected",
"version": "1.2(3e)"
},
{
"status": "affected",
"version": "2.2(3s)"
},
{
"status": "affected",
"version": "2.0(2g)"
},
{
"status": "affected",
"version": "4.1(1l)"
},
{
"status": "affected",
"version": "3.2(9f)"
},
{
"status": "affected",
"version": "4.2(3l)"
},
{
"status": "affected",
"version": "4.2(2g)"
},
{
"status": "affected",
"version": "1.2(3c)"
},
{
"status": "affected",
"version": "3.2(7k)"
},
{
"status": "affected",
"version": "1.3(2h)"
},
{
"status": "affected",
"version": "3.2(9b)"
},
{
"status": "affected",
"version": "1.3(2k)"
},
{
"status": "affected",
"version": "3.1(2t)"
},
{
"status": "affected",
"version": "1.1(2h)"
},
{
"status": "affected",
"version": "3.2(3j)"
},
{
"status": "affected",
"version": "2.1(2k)"
},
{
"status": "affected",
"version": "2.3(1f)"
},
{
"status": "affected",
"version": "1.2(3h)"
},
{
"status": "affected",
"version": "3.0(1i)"
},
{
"status": "affected",
"version": "4.1(2u)"
},
{
"status": "affected",
"version": "4.2(1l)"
},
{
"status": "affected",
"version": "4.1(1a)"
},
{
"status": "affected",
"version": "4.0(3d)"
},
{
"status": "affected",
"version": "1.1(4l)"
},
{
"status": "affected",
"version": "2.3(1i)"
},
{
"status": "affected",
"version": "3.1(2q)"
},
{
"status": "affected",
"version": "3.2(4e)"
},
{
"status": "affected",
"version": "4.1(1i)"
},
{
"status": "affected",
"version": "3.1(1i)"
},
{
"status": "affected",
"version": "2.0(2m)"
},
{
"status": "affected",
"version": "3.0(2h)"
},
{
"status": "affected",
"version": "2.2(2q)"
},
{
"status": "affected",
"version": "2.3(1l)"
},
{
"status": "affected",
"version": "1.3(1h)"
},
{
"status": "affected",
"version": "3.0(2n)"
},
{
"status": "affected",
"version": "3.2(5f)"
},
{
"status": "affected",
"version": "1.2(1h)"
},
{
"status": "affected",
"version": "3.2(1l)"
},
{
"status": "affected",
"version": "4.2(1i)"
},
{
"status": "affected",
"version": "4.1(2o)"
},
{
"status": "affected",
"version": "1.2(1i)"
},
{
"status": "affected",
"version": "1.3(1j)"
},
{
"status": "affected",
"version": "2.1(1h)"
},
{
"status": "affected",
"version": "2.0(2l)"
},
{
"status": "affected",
"version": "2.0(2h)"
},
{
"status": "affected",
"version": "1.2(2g)"
},
{
"status": "affected",
"version": "3.0(1k)"
},
{
"status": "affected",
"version": "4.2(1g)"
},
{
"status": "affected",
"version": "2.1(2g)"
},
{
"status": "affected",
"version": "2.0(1q)"
},
{
"status": "affected",
"version": "1.1(1j)"
},
{
"status": "affected",
"version": "4.1(2g)"
},
{
"status": "affected",
"version": "1.1(1r)"
},
{
"status": "affected",
"version": "4.2(2f)"
},
{
"status": "affected",
"version": "3.2(6i)"
},
{
"status": "affected",
"version": "1.3(1g)"
},
{
"status": "affected",
"version": "1.3(2j)"
},
{
"status": "affected",
"version": "1.3(2i)"
},
{
"status": "affected",
"version": "2.0(2o)"
},
{
"status": "affected",
"version": "2.2(4q)"
},
{
"status": "affected",
"version": "2.3(1o)"
},
{
"status": "affected",
"version": "3.2(3i)"
},
{
"status": "affected",
"version": "2.2(2j)"
},
{
"status": "affected",
"version": "1.1(1d)"
},
{
"status": "affected",
"version": "2.0(2n)"
},
{
"status": "affected",
"version": "2.2(3t)"
},
{
"status": "affected",
"version": "3.2(3n)"
},
{
"status": "affected",
"version": "1.1(4g)"
},
{
"status": "affected",
"version": "4.1(2x)"
},
{
"status": "affected",
"version": "3.2(5d)"
},
{
"status": "affected",
"version": "3.1(2o)"
},
{
"status": "affected",
"version": "1.2(2i)"
},
{
"status": "affected",
"version": "2.1(2f)"
},
{
"status": "affected",
"version": "1.3(2f)"
},
{
"status": "affected",
"version": "4.2(3q)"
},
{
"status": "affected",
"version": "4.1(1j)"
},
{
"status": "affected",
"version": "2.0(2f)"
},
{
"status": "affected",
"version": "2.3(1e)"
},
{
"status": "affected",
"version": "1.1(1s)"
},
{
"status": "affected",
"version": "3.1(2v)"
},
{
"status": "affected",
"version": "4.1(2w)"
},
{
"status": "affected",
"version": "1.1(4i)"
},
{
"status": "affected",
"version": "3.1(2u)"
},
{
"status": "affected",
"version": "1.1(4f)"
},
{
"status": "affected",
"version": "3.0(2m)"
},
{
"status": "affected",
"version": "2.0(1k)"
},
{
"status": "affected",
"version": "3.2(2o)"
},
{
"status": "affected",
"version": "3.2(3r)"
},
{
"status": "affected",
"version": "1.1(2i)"
},
{
"status": "affected",
"version": "4.0(2c)"
},
{
"status": "affected",
"version": "1.3(1i)"
},
{
"status": "affected",
"version": "4.1(2s)"
},
{
"status": "affected",
"version": "3.2(7f)"
},
{
"status": "affected",
"version": "1.2(3m)"
},
{
"status": "affected",
"version": "3.2(3o)"
},
{
"status": "affected",
"version": "3.1(2s)"
},
{
"status": "affected",
"version": "3.2(2l)"
},
{
"status": "affected",
"version": "4.2(1j)"
},
{
"status": "affected",
"version": "2.3(1p)"
},
{
"status": "affected",
"version": "2.1(4a)"
},
{
"status": "affected",
"version": "1.1(1n)"
},
{
"status": "affected",
"version": "2.2(1n)"
},
{
"status": "affected",
"version": "2.2(4p)"
},
{
"status": "affected",
"version": "2.1(3j)"
},
{
"status": "affected",
"version": "4.2(4i)"
},
{
"status": "affected",
"version": "3.2(9h)"
},
{
"status": "affected",
"version": "5.0(1k)"
},
{
"status": "affected",
"version": "4.2(4k)"
},
{
"status": "affected",
"version": "5.0(1l)"
},
{
"status": "affected",
"version": "5.0(2e)"
},
{
"status": "affected",
"version": "4.2(4o)"
},
{
"status": "affected",
"version": "4.2(4p)"
},
{
"status": "affected",
"version": "5.0(2h)"
},
{
"status": "affected",
"version": "4.2(5k)"
},
{
"status": "affected",
"version": "4.2(5l)"
},
{
"status": "affected",
"version": "4.2(5n)"
},
{
"status": "affected",
"version": "5.1(1h)"
},
{
"status": "affected",
"version": "4.2(6d)"
},
{
"status": "affected",
"version": "5.1(2e)"
},
{
"status": "affected",
"version": "4.2(6g)"
},
{
"status": "affected",
"version": "4.2(6h)"
},
{
"status": "affected",
"version": "5.1(3e)"
},
{
"status": "affected",
"version": "3.2(10e)"
},
{
"status": "affected",
"version": "4.2(6l)"
},
{
"status": "affected",
"version": "4.2(7f)"
},
{
"status": "affected",
"version": "5.1(4c)"
},
{
"status": "affected",
"version": "4.2(6o)"
},
{
"status": "affected",
"version": "5.2(1g)"
},
{
"status": "affected",
"version": "5.2(2e)"
},
{
"status": "affected",
"version": "4.2(7l)"
},
{
"status": "affected",
"version": "3.2(10f)"
},
{
"status": "affected",
"version": "5.2(2f)"
},
{
"status": "affected",
"version": "5.2(2g)"
},
{
"status": "affected",
"version": "4.2(7q)"
},
{
"status": "affected",
"version": "5.2(2h)"
},
{
"status": "affected",
"version": "5.2(3f)"
},
{
"status": "affected",
"version": "5.2(3e)"
},
{
"status": "affected",
"version": "5.2(3g)"
},
{
"status": "affected",
"version": "4.2(7r)"
},
{
"status": "affected",
"version": "4.2(7s)"
},
{
"status": "affected",
"version": "5.2(4d)"
},
{
"status": "affected",
"version": "5.2(4e)"
},
{
"status": "affected",
"version": "4.2(7t)"
},
{
"status": "affected",
"version": "5.2(5d)"
},
{
"status": "affected",
"version": "3.2(10g)"
},
{
"status": "affected",
"version": "5.2(5c)"
},
{
"status": "affected",
"version": "6.0(1g)"
},
{
"status": "affected",
"version": "4.2(7u)"
},
{
"status": "affected",
"version": "5.2(5e)"
},
{
"status": "affected",
"version": "5.2(4f)"
},
{
"status": "affected",
"version": "5.2(6e)"
},
{
"status": "affected",
"version": "6.0(1j)"
},
{
"status": "affected",
"version": "5.2(6g)"
},
{
"status": "affected",
"version": "5.2(7f)"
},
{
"status": "affected",
"version": "4.2(7v)"
},
{
"status": "affected",
"version": "5.2(7g)"
},
{
"status": "affected",
"version": "6.0(2h)"
},
{
"status": "affected",
"version": "4.2(7w)"
},
{
"status": "affected",
"version": "5.2(6h)"
},
{
"status": "affected",
"version": "5.2(4h)"
},
{
"status": "affected",
"version": "5.2(8d)"
},
{
"status": "affected",
"version": "6.0(2j)"
},
{
"status": "affected",
"version": "5.2(8e)"
},
{
"status": "affected",
"version": "6.0(3d)"
},
{
"status": "affected",
"version": "6.0(3e)"
},
{
"status": "affected",
"version": "5.2(8f)"
},
{
"status": "affected",
"version": "5.2(8g)"
},
{
"status": "affected",
"version": "5.3(1d)"
},
{
"status": "affected",
"version": "5.2(8h)"
},
{
"status": "affected",
"version": "6.0(4c)"
},
{
"status": "affected",
"version": "5.3(2a)"
},
{
"status": "affected",
"version": "5.2(8i)"
},
{
"status": "affected",
"version": "6.0(5h)"
},
{
"status": "affected",
"version": "5.3(2b)"
},
{
"status": "affected",
"version": "6.0(3g)"
},
{
"status": "affected",
"version": "6.0(5j)"
},
{
"status": "affected",
"version": "5.3(2c)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the software upgrade component of Cisco Application Policy Infrastructure Controller (APIC) and Cisco\u0026nbsp;Cloud Network Controller, formerly Cisco Cloud APIC, could allow an authenticated, remote attacker with Administrator-level privileges to install a modified software image, leading to arbitrary code injection on an affected system.\r\n\r\nThis vulnerability is due to insufficient signature validation of software images. An attacker could exploit this vulnerability by installing a modified software image. A successful exploit could allow the attacker to execute arbitrary code on the affected system and elevate their privileges to root.\r\nNote: Administrators should always validate the hash of any upgrade image before uploading it to Cisco APIC and Cisco Cloud Network Controller."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-250",
"description": "Execution with Unnecessary Privileges",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-28T16:30:07.175Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-capic-priv-esc-uYQJjnuU",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-capic-priv-esc-uYQJjnuU"
}
],
"source": {
"advisory": "cisco-sa-capic-priv-esc-uYQJjnuU",
"defects": [
"CSCwj32072"
],
"discovery": "INTERNAL"
},
"title": "Cisco Application Policy Infrastructure Controller App Privilege Escalation Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2024-20478",
"datePublished": "2024-08-28T16:30:07.175Z",
"dateReserved": "2023-11-08T15:08:07.682Z",
"dateUpdated": "2024-09-06T14:11:08.951Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…