Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Cisco Application Policy Infrastructure Controller Out Of Band Management IP Tables Bypass Vulnerability
Vulnerability Description
A vulnerability in the out of band (OOB) management interface IP table rule programming for Cisco Application Policy Infrastructure Controller (APIC) could allow an unauthenticated, remote attacker to bypass configured deny entries for specific IP ports. These IP ports would be permitted to the OOB management interface when, in fact, the packets should be dropped. The vulnerability is due to the configuration of specific IP table entries for which there is a programming logic error that results in the IP port being permitted. An attacker could exploit this vulnerability by sending traffic to the OOB management interface on the targeted device. A successful exploit could allow the attacker to bypass configured IP table rules to drop specific IP port traffic. The attacker has no control over the configuration of the device itself. This vulnerability affects Cisco APIC releases prior to the first fixed software Release 4.2(3j).
CVSS Information
N/A
Vulnerability Type
输入验证不恰当
Vulnerability Title
Cisco Application Policy Infrastructure Controller 输入验证错误漏洞
Vulnerability Description
Cisco Application Policy Infrastructure Controller(APIC)是美国思科(Cisco)公司的一款自动化的基础架构部署和治理解决方案。 使用4.2(3j)之前版本固件的Cisco APIC中OOB管理接口的IP表单条目的配置存在输入验证错误漏洞。远程攻击者可利用漏洞绕过已配置的IP表规则。
CVSS Information
N/A
Vulnerability Type
N/A