CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2016-1318
https://notcve.org/view.php?id=CVE-2016-1318
09 Feb 2016 — Cross-site scripting (XSS) vulnerability in Cisco Application Policy Infrastructure Controller Enterprise Module (APIC-EM) 1.1 allows remote attackers to inject arbitrary web script or HTML via crafted markup data, aka Bug ID CSCux15489. Vulnerabilidad de XSS en Cisco Application Policy Infrastructure Controller Enterprise Module (APIC-EM) 1.1 permite a atacantes remotos inyectar secuencias de comandos web o HTML arbitrario a través de un dato markup manipulado, también conocido como Bug ID CSCux15489. • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160208-apic • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2016-1305
https://notcve.org/view.php?id=CVE-2016-1305
07 Feb 2016 — Cross-site scripting (XSS) vulnerability in Cisco Application Policy Infrastructure Controller Enterprise Module (APIC-EM) 1.1 allows remote attackers to inject arbitrary web script or HTML via vectors involving HTML entities, aka Bug ID CSCux15511. Vulnerabilidad de XSS en Cisco Application Policy Infrastructure Controller Enterprise Module (APIC-EM) 1.1 permite a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a través de vectores que implican entidades HTML, también conocido como... • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160201-apic-em • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 0CVE-2015-6337
https://notcve.org/view.php?id=CVE-2015-6337
26 Jan 2016 — Cross-site scripting (XSS) vulnerability in Cisco Application Policy Infrastructure Controller Enterprise Module (APIC-EM) 1.0.10 allows remote attackers to inject arbitrary web script or HTML via a crafted hostname in an SNMP response, aka Bug ID CSCuw47238. Vulnerabilidad de XSS en Cisco Application Policy Infrastructure Controller Enterprise Module (APIC-EM) 1.0.10 permite a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a través de un hostname manipulado en una respuesta SNMP, ... • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160125-api • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2015-6424
https://notcve.org/view.php?id=CVE-2015-6424
18 Dec 2015 — The boot manager in Cisco Application Policy Infrastructure Controller (APIC) 1.1(0.920a) allows local users to bypass intended access restrictions and obtain single-user-mode root access via unspecified vectors, aka Bug ID CSCuu83985. El boot manager en Cisco Application Policy Infrastructure Controller (APIC) 1.1(0.920a) permite a usuarios locales eludir las restricciones destinadas al acceso y obtener acceso root modo-solo-usuario a través de vectores no especificados, también conocido como Bug ID CSCuu8... • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151216-apic • CWE-255: Credentials Management Errors •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2015-6333
https://notcve.org/view.php?id=CVE-2015-6333
16 Oct 2015 — Cisco Application Policy Infrastructure Controller (APIC) 1.1j allows local users to gain privileges via vectors involving addition of an SSH key, aka Bug ID CSCuw46076. Cisco Application Policy Infrastructure Controller (APIC) 1.1j permite a usuarios locales ganar privilegios a través de vectores que involucran la adición de una llave SSH, también conocido como Bug ID CSCuw46076. • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151012-apic • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 9.0EPSS: 0%CPEs: 12EXPL: 0CVE-2015-4235
https://notcve.org/view.php?id=CVE-2015-4235
24 Jul 2015 — Cisco Application Policy Infrastructure Controller (APIC) devices with software before 1.0(3o) and 1.1 before 1.1(1j) and Nexus 9000 ACI devices with software before 11.0(4o) and 11.1 before 11.1(1j) do not properly restrict access to the APIC filesystem, which allows remote authenticated users to obtain root privileges via unspecified use of the APIC cluster-management configuration feature, aka Bug IDs CSCuu72094 and CSCuv11991. Vulnerabilidad en dispositivos Cisco Application Policy Infrastructure Contro... • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150722-apic • CWE-264: Permissions, Privileges, and Access Controls •