Text only | Text with Images

Networking-Forums.com

Professional Discussions => Vendor Advisories => Topic started by: Netwörkheäd on April 06, 2022, 06:08:52 PM

Title: Cisco Security Advisory - Cisco Application Policy Infrastructure Controller Command Injection and File Upload Vulnerabilities
Post by: Netwörkheäd on April 06, 2022, 06:08:52 PM
Cisco Application Policy Infrastructure Controller Command Injection and File Upload Vulnerabilities

<p>Multiple vulnerabilities in the web UI and API endpoints of Cisco&nbsp;Application Policy Infrastructure Controller (APIC) or Cisco&nbsp;Cloud APIC could allow a remote attacker to perform a command injection or file upload attack on an affected system.</p>
<p>For more information about these vulnerabilities, see the <a href="#details">Details</a> section of this advisory.</p>
<p>Cisco&nbsp;has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities.</p>
<p>This advisory is available at the following link:<br><a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-capic-mdvul-HBsJBuvW" target="_blank" rel="noopener">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-capic-mdvul-HBsJBuvW</a></p>
     
         
Security Impact Rating:  Medium
   
   
       
CVE: CVE-2021-1580,CVE-2021-1581
Source: Cisco Application Policy Infrastructure Controller Command Injection and File Upload Vulnerabilities (https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-capic-mdvul-HBsJBuvW?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Application%20Policy%20Infrastructure%20Controller%20Command%20Injection%20and%20File%20Upload%20Vulnerabilities&vs_k=1)
Text only | Text with Images