Cisco NX-OS Application Policy Infrastructure Controller (APIC) Lets Remote Authenticated Users Gain Elevated Privileges
SecurityTracker Alert ID: 1033025|
SecurityTracker URL: http://securitytracker.com/id/1033025
(Links to External Site)
Date: Jul 22 2015
Root access via network|
Fix Available: Yes Vendor Confirmed: Yes |
Version(s): APICs prior to 1.0(4o), 1.0(3o), 1.1(1j); Nexus 9000 Series ACI prior to 11.0(4o) and 11.1(1j)|
A vulnerability was reported in Cisco NX-OS Application Policy Infrastructure Controller (APIC). A remote authenticated user can gain elevated privileges.|
A remote authenticated user can exploit an access control flaw in the cluster management configuration and gain root access to the target system.
Cisco Application Policy Infrastructure Controllers and Cisco Nexus 9000 Series ACI Mode Switches are affected.
The vendor has assigned bug IDs CSCuu72094 and CSCuv11991 to this vulnerability.
A remote authenticated user can gain root privileges on the target system.|
The vendor has issued a fix (1.0(4o), 1.0(3o), 1.1(1j)).|
The vendor's advisory is available at:
Vendor URL: tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150722-apic (Links to External Site)
Access control error|
Source Message Contents
Subject: Cisco Security Advisory: Cisco Application Policy Infrastructure Controller Access Control Vulnerability|
-----BEGIN PGP SIGNED MESSAGE-----
Cisco Security Advisory: Cisco Application Policy Infrastructure Controller Access Control Vulnerability
Advisory ID: cisco-sa-20150722-apic
For Public Release 2015 July 22 16:00 UTC (GMT)
A vulnerability in the cluster management configuration of the Cisco Application Policy Infrastructure Controller (APIC) and the Cisco Nexus 9000 Series ACI Mode Switch could allow an authenticated, remote attacker to access the APIC as the root user.
The vulnerability is due to improper implementation of access controls in the APIC filesystem. An attacker could exploit this vulnerability by accessing the cluster management configuration of the APIC. An exploit could allow the attacker to gain access to the APIC as the root user and perform root-level commands.
Cisco has released software updates that address this vulnerability.
This advisory is available at the following link:
-----BEGIN PGP SIGNATURE-----
Comment: GPGTools - http://gpgtools.org
-----END PGP SIGNATURE-----
cust-security-announce mailing list
To unsubscribe, send the command "unsubscribe" in the subject of your message to firstname.lastname@example.org