Test Kennung:	1.3.6.1.4.1.25623.1.0.809051
Kategorie:	CISCO
Titel:	Cisco Application Policy Infrastructure Controller Access Bypass Vulnerability
Zusammenfassung:	Cisco Application Policy Infrastructure Controller is prone to an access bypass vulnerability.
Beschreibung:	Summary: Cisco Application Policy Infrastructure Controller is prone to an access bypass vulnerability. Vulnerability Insight: The flaw is due to an improper implementation of access controls in the APIC system and an attacker could exploit this vulnerability by accessing the boot manager of the APIC. Vulnerability Impact: Successful exploitation allows an unauthenticated, local attacker to access the APIC as the root user and perform root-level commands in single-user mode. Affected Software/OS: Cisco Application Policy Infrastructure Controller running software version 1.1(0.920a) Solution: Upgrade to Cisco Application Policy Infrastructure Controller software version as mentioned in vendor link. CVSS Score: 7.2 CVSS Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2015-6424 BugTraq ID: 79410 http://www.securityfocus.com/bid/79410 Cisco Security Advisory: 20151216 Cisco Application Policy Infrastructure Controller Insecure Credentials Vulnerability http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151216-apic http://www.securitytracker.com/id/1034468
Copyright	Copyright (C) 2016 Greenbone AG

Dies ist nur einer von 146377 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.