Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1325 CNY

100%
Buy Us a Coffee

Cisco Application Policy Infrastructure Controller (APIC) — Vulnerabilities & Security Advisories 25

All 25 CVE vulnerabilities found in Cisco Application Policy Infrastructure Controller (APIC), with AI-generated Chinese analysis, references, and POCs.

This page documents security weaknesses associated with the Cisco Application Policy Infrastructure Controller (APIC), categorized by standard vulnerability taxonomy. The content here aggregates data on various flaw types affecting this software-defined networking management platform, including but not limited to input validation errors, privilege escalation risks, and configuration mishandling that could compromise network integrity. The database covers vulnerabilities identified and disclosed over an extended period, ensuring a comprehensive historical record of security issues relevant to this specific enterprise controller. This timeline helps administrators assess the evolution of security posture within the APIC ecosystem and understand how vendor patches have addressed recurring architectural or implementation flaws. By examining these records, users can track the release and impact of vendor advisories related to Cisco’s infrastructure solutions. Visitors can utilize this resource to understand the characteristics of specific weakness classes as they apply to large-scale network automation tools. It also allows for a detailed lookup of a product's vulnerability history, providing context on how often certain types of bugs appear and how they are resolved. This information is critical for risk assessment, allowing security teams to prioritize remediation efforts based on the specific threat landscape facing their Cisco APIC deployments. The aggregated view simplifies the process of correlating internal security incidents with known external advisories, facilitating faster and more informed decision-making regarding system hardening and update schedules.

Vendor: Cisco

CVE IDTitleCVSSSeverityPublished
CVE-2026-20107 Cisco Application Policy Infrastructure Controller Denial of Service Vulnerability CWE-1220 5.5 Medium2026-02-25
CVE-2025-20119 Cisco Application Policy Infrastructure Controller Authenticated Local Denial of Service Vulnerability CWE-362 6.0 Medium2025-02-26
CVE-2025-20118 Cisco Application Policy Infrastructure Controller Authenticated Command Injection Due to Sensitive Disclosure Vulnerability CWE-212 4.4 Medium2025-02-26
CVE-2025-20117 Cisco Application Policy Infrastructure Controller Authenticated Command Injection Vulnerability CWE-77 5.1 Medium2025-02-26
CVE-2025-20116 Cisco Application Policy Infrastructure Controller Stored Cross-Site Scripting Vulnerability CWE-79 4.8 Medium2025-02-26
CVE-2024-20478 Cisco Application Policy Infrastructure Controller App Privilege Escalation Vulnerability CWE-250 6.5 Medium2024-08-28
CVE-2024-20279 Cisco Application Policy Infrastructure Controller Unauthorized Policy Actions Vulnerability CWE-284 4.3 Medium2024-08-28
CVE-2023-20230 Cisco Application Policy Infrastructure Controller 安全漏洞 CWE-284 5.4 Medium2023-08-23
CVE-2023-20011 Cisco Application Policy Infrastructure Controller and Cisco Cloud Network Controller Cross-Site Request Forgery Vulnerability CWE-352 8.8 High2023-02-23
CVE-2021-1582 Cisco Application Policy Infrastructure Controller Stored Cross-Site Scripting Vulnerability CWE-79 5.4 Medium2021-08-25
CVE-2021-1581 Cisco Application Policy Infrastructure Controller Command Injection and File Upload Vulnerabilities CWE-284 6.5 Medium2021-08-25
CVE-2021-1580 Cisco Application Policy Infrastructure Controller Command Injection and File Upload Vulnerabilities CWE-284 6.5 Medium2021-08-25
CVE-2021-1579 Cisco Application Policy Infrastructure Controller App Privilege Escalation Vulnerability CWE-250 8.1 High2021-08-25
CVE-2021-1578 Cisco Application Policy Infrastructure Controller Privilege Escalation Vulnerability CWE-636 8.8 High2021-08-25
CVE-2021-1577 Cisco Application Policy Infrastructure Controller Arbitrary File Read and Write Vulnerability CWE-284 9.1 Critical2021-08-25
CVE-2020-3335 Cisco Application Services Engine Software Authorization Vulnerability CWE-306 5.5 -2020-06-03
CVE-2020-3333 Cisco Application Services Engine Software Unauthenticated Event Policies Update Vulnerability CWE-306 5.3 -2020-06-03
CVE-2020-3139 Cisco Application Policy Infrastructure Controller Out Of Band Management IP Tables Bypass Vulnerability CWE-20 5.3 -2020-01-26
CVE-2019-1889 Cisco Application Policy Infrastructure Controller REST API Privilege Escalation Vulnerability CWE-264 7.2 -2019-07-04
CVE-2019-1838 Cisco Application Policy Infrastructure Controller Web-Based Management Interface Cross-Site Scripting Vulnerability CWE-79 5.4 -2019-05-03
CVE-2019-1692 Cisco Application Policy Infrastructure Controller Web-Based Management Interface Usage Information Disclosure Vulnerability CWE-200 5.3 -2019-05-03
CVE-2019-1682 Cisco Application Policy Infrastructure Controller Privilege Escalation Vulnerability CWE-264 7.8 -2019-05-03
CVE-2019-1586 Cisco Application Policy Infrastructure Controller Recoverable Encryption Key Vulnerability CWE-320 4.6 -2019-05-03
CVE-2019-1587 Cisco Nexus 9000 Series Fabric Switches Application Centric Infrastructure Mode Filter Query Information Disclosure Vulnerability CWE-399 4.3 -2019-05-03
CVE-2019-1690 Cisco Application Policy Infrastructure Controller IPv6 Link-Local Address Vulnerability CWE-284 8.3 -2019-03-11

All 25 known CVE vulnerabilities affecting Cisco Application Policy Infrastructure Controller (APIC) with full Chinese analysis, references, and POCs where available.