| Title | Cisco Application Policy Infrastructure Controller サービスにおけるアクセス制御に関する脆弱性 |
|---|---|
| Summary | Cisco Application Policy Infrastructure Controller (APIC) サービスには、アクセス制御に関する脆弱性が存在します。 |
| Possible impacts | 情報を改ざんされる可能性があります。 |
| Solution | ベンダより正式な対策が公開されています。ベンダ情報を参照して適切な対策を実施してください。 |
| Publication Date | July 3, 2019, midnight |
| Registration Date | July 12, 2019, 5:32 p.m. |
| Last Update | July 12, 2019, 5:32 p.m. |
| CVSS3.0 : 警告 | |
| Score | 6.5 |
|---|---|
| Vector | CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N |
| CVSS2.0 : 注意 | |
| Score | 3.3 |
|---|---|
| Vector | AV:A/AC:L/Au:N/C:N/I:P/A:N |
| シスコシステムズ |
| Cisco Application Policy Infrastructure Controller (APIC) ソフトウェア |
| No | Changed Details | Date of change |
|---|---|---|
| 1 | [2019年07月12日] 掲載 |
July 12, 2019, 5:32 p.m. |
| Summary | A vulnerability in the fabric infrastructure VLAN connection establishment of the Cisco Nexus 9000 Series Application Centric Infrastructure (ACI) Mode Switch Software could allow an unauthenticated, adjacent attacker to bypass security validations and connect an unauthorized server to the infrastructure VLAN. The vulnerability is due to insufficient security requirements during the Link Layer Discovery Protocol (LLDP) setup phase of the infrastructure VLAN. An attacker could exploit this vulnerability by sending a malicious LLDP packet on the adjacent subnet to the Cisco Nexus 9000 Series Switch in ACI mode. A successful exploit could allow the attacker to connect an unauthorized server to the infrastructure VLAN, which is highly privileged. With a connection to the infrastructure VLAN, the attacker can make unauthorized connections to Cisco Application Policy Infrastructure Controller (APIC) services or join other host endpoints. |
|---|---|
| Publication Date | July 5, 2019, 5:15 a.m. |
| Registration Date | Jan. 26, 2021, 11:40 a.m. |
| Last Update | Nov. 21, 2024, 1:37 p.m. |
| Configuration1 | or higher | or less | more than | less than | |
| cpe:2.3:a:cisco:application_policy_infrastructure_controller:7.3\(0\)zn\(0.113\):*:*:*:*:*:*:* | |||||
| execution environment | |||||
| 1 | cpe:2.3:h:cisco:9432pq:-:*:*:*:*:*:*:* | ||||
| 2 | cpe:2.3:h:cisco:9536pq:-:*:*:*:*:*:*:* | ||||
| 3 | cpe:2.3:h:cisco:9636pq:-:*:*:*:*:*:*:* | ||||
| 4 | cpe:2.3:h:cisco:9736pq:-:*:*:*:*:*:*:* | ||||
| 5 | cpe:2.3:h:cisco:n9k-x9432c-s:-:*:*:*:*:*:*:* | ||||
| 6 | cpe:2.3:h:cisco:n9k-x9464px:-:*:*:*:*:*:*:* | ||||
| 7 | cpe:2.3:h:cisco:n9k-x9464tx2:-:*:*:*:*:*:*:* | ||||
| 8 | cpe:2.3:h:cisco:n9k-x9564px:-:*:*:*:*:*:*:* | ||||
| 9 | cpe:2.3:h:cisco:n9k-x9564tx:-:*:*:*:*:*:*:* | ||||
| 10 | cpe:2.3:h:cisco:n9k-x9636c-r:-:*:*:*:*:*:*:* | ||||
| 11 | cpe:2.3:h:cisco:n9k-x9636c-rx:-:*:*:*:*:*:*:* | ||||
| 12 | cpe:2.3:h:cisco:n9k-x97160yc-ex:-:*:*:*:*:*:*:* | ||||
| 13 | cpe:2.3:h:cisco:n9k-x9732c-ex:-:*:*:*:*:*:*:* | ||||
| 14 | cpe:2.3:h:cisco:n9k-x9732c-fx:-:*:*:*:*:*:*:* | ||||
| 15 | cpe:2.3:h:cisco:n9k-x9736c-ex:-:*:*:*:*:*:*:* | ||||
| 16 | cpe:2.3:h:cisco:n9k-x9736c-fx:-:*:*:*:*:*:*:* | ||||
| 17 | cpe:2.3:h:cisco:n9k-x9788tc-fx:-:*:*:*:*:*:*:* | ||||
| 18 | cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:* | ||||
| 19 | cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:* | ||||
| 20 | cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:* | ||||
| 21 | cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:* | ||||
| 22 | cpe:2.3:h:cisco:nexus_9316d-gx:-:*:*:*:*:*:*:* | ||||
| 23 | cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:* | ||||
| 24 | cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:* | ||||
| 25 | cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:* | ||||
| 26 | cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:* | ||||
| 27 | cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:* | ||||
| 28 | cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:* | ||||
| 29 | cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:* | ||||
| 30 | cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:* | ||||
| 31 | cpe:2.3:h:cisco:nexus_93600cd-gx:-:*:*:*:*:*:*:* | ||||
| 32 | cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:* | ||||
| 33 | cpe:2.3:h:cisco:x9636q-r:-:*:*:*:*:*:*:* | ||||