Command Injection and File Upload Vulnerabilities in Cisco APIC and Cloud APIC

Command Injection and File Upload Vulnerabilities in Cisco APIC and Cloud APIC

CVE-2021-1581 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

Multiple vulnerabilities in the web UI and API endpoints of Cisco Application Policy Infrastructure Controller (APIC) or Cisco Cloud APIC could allow a remote attacker to perform a command injection or file upload attack on an affected system. For more information about these vulnerabilities, see the Details section of this advisory.

Learn more about our Cis Benchmark Audit For Cisco.