Описание
A vulnerability in the system file permission handling of Cisco APIC could allow an authenticated, local attacker to overwrite critical system files, which could cause a DoS condition. To exploit this vulnerability, the attacker must have valid administrative credentials.
This vulnerability is due to a race condition with handling system files. An attacker could exploit this vulnerability by doing specific operations on the file system. A successful exploit could allow the attacker to overwrite system files, which could lead to the device being in an inconsistent state and cause a DoS condition.
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.2\(1l\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.2\(1m\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.2\(2l\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.2\(2o\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.2\(3i\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.2\(3j\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.2\(3n\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.2\(3o\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.2\(3r\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.2\(3s\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.2\(4d\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.2\(4e\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.2\(5d\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.2\(5e\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.2\(5f\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.2\(6i\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.2\(7f\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.2\(7k\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.2\(8d\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.2\(9b\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.2\(9f\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.2\(9h\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.2\(10e\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.2\(10f\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.2\(10g\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.2\(41d\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.0\(1h\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.0\(2c\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.0\(3c\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.0\(3d\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.1\(1a\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.1\(1i\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.1\(1j\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.1\(1k\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.1\(1l\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.1\(2g\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.1\(2m\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.1\(2o\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.1\(2s\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.1\(2u\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.1\(2w\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.1\(2x\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\(1g\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\(1i\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\(1j\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\(1l\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\(2e\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\(2f\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\(2g\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\(3j\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\(3l\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\(3n\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\(3q\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\(4i\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\(4k\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\(4o\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\(4p\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\(5k\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\(5l\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\(5n\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\(6d\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\(6g\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\(6h\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\(6l\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\(6o\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\(7f\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\(7l\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\(7q\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\(7r\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\(7s\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\(7t\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\(7u\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\(7v\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\(7w\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.0\(1k\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.0\(1l\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.0\(2e\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.0\(2h\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.1\(1h\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.1\(2e\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.1\(3e\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.1\(4c\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.2\(1g\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.2\(2e\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.2\(2f\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.2\(2g\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.2\(2h\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.2\(3e\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.2\(3f\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.2\(3g\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.2\(4d\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.2\(4e\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.2\(4f\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.2\(4h\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.2\(5c\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.2\(5d\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.2\(5e\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.2\(6e\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.2\(6g\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.2\(6h\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.2\(7f\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.2\(7g\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.2\(8d\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.2\(8e\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.2\(8f\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.2\(8g\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.2\(8h\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.2\(8i\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.3\(1d\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.3\(2a\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.3\(2b\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.3\(2c\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.3\(2d\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.3\(2e\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:application_policy_infrastructure_controller:6.0\(1g\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:application_policy_infrastructure_controller:6.0\(1j\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:application_policy_infrastructure_controller:6.0\(2h\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:application_policy_infrastructure_controller:6.0\(2j\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:application_policy_infrastructure_controller:6.0\(3d\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:application_policy_infrastructure_controller:6.0\(3e\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:application_policy_infrastructure_controller:6.0\(3g\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:application_policy_infrastructure_controller:6.0\(4c\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:application_policy_infrastructure_controller:6.0\(5h\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:application_policy_infrastructure_controller:6.0\(5j\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:application_policy_infrastructure_controller:6.0\(6c\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:application_policy_infrastructure_controller:6.0\(7e\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:application_policy_infrastructure_controller:6.0\(8d\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:application_policy_infrastructure_controller:6.1\(1f\):*:*:*:*:*:*:*
EPSS
Процентиль: 6%
0.00024
Низкий
6 Medium
CVSS3
5.7 Medium
CVSS3
Дефекты
CWE-362
Связанные уязвимости
CVSS3: 6
github
12 месяцев назад
A vulnerability in the system file permission handling of Cisco APIC could allow an authenticated, local attacker to overwrite critical system files, which could cause a DoS condition. To exploit this vulnerability, the attacker must have valid administrative credentials. This vulnerability is due to a race condition with handling system files. An attacker could exploit this vulnerability by doing specific operations on the file system. A successful exploit could allow the attacker to overwrite system files, which could lead to the device being in an inconsistent state and cause a DoS condition.
CVSS3: 6
fstec
12 месяцев назад
Уязвимость средства управления информационной инфраструктурой Cisco Application Policy Infrastructure Controller, связанная с ошибками синхронизации при использовании общего ресурса, позволяющая нарушителю вызвать отказ в обслуживании
EPSS
Процентиль: 6%
0.00024
Низкий
6 Medium
CVSS3
5.7 Medium
CVSS3
Дефекты
CWE-362