CVE-2016-1302

https://notcve.org/view.php?id=CVE-2016-1302

Cisco Application Policy Infrastructure Controller (APIC) devices with software before 1.0(3h) and 1.1 before 1.1(1j) and Nexus 9000 ACI Mode switches with software before 11.0(3h) and 11.1 before 11.1(1j) allow remote authenticated users to bypass intended RBAC restrictions via crafted REST requests, aka Bug ID CSCut12998. Dispositivos Cisco Application Policy Infrastructure Controller (APIC) con software anterior a 1.0(3h) y 1.1 en versiones anteriores a 1.1(1j) y switches Nexus 9000 ACI Mode con software anterior a 11.0(3h) y 11.1 en versiones anteriores a 11.1(1j) permite a usuarios remotos autenticados eludir las restricciones destinadas RBAC a través de peticiones REST manipuladas, también conocido como Bug ID CSCut12998. • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160203-apic http://www.securitytracker.com/id/1034925 • CWE-284: Improper Access Control •