Back to search
CVE-2015-4235
Published: Jul 24, 2015
Modified: Aug 6, 2024
PUBLISHED
Description
Cisco Application Policy Infrastructure Controller (APIC) devices with software before 1.0(3o) and 1.1 before 1.1(1j) and Nexus 9000 ACI devices with software before 11.0(4o) and 11.1 before 11.1(1j) do not properly restrict access to the APIC filesystem, which allows remote authenticated users to obtain root privileges via unspecified use of the APIC cluster-management configuration feature, aka Bug IDs CSCuu72094 and CSCuv11991.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
20150722 Cisco Application Policy Infrastructure Controller Access Control Vulnerability
vendor-advisory
x_refsource_CISCO
1033025
vdb-entry
x_refsource_SECTRACK
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now