Cisco Cisco Application Policy Infrastructure Controller (Apic)
25 CVEs affecting Cisco Cisco Application Policy Infrastructure Controller (Apic). Latest disclosed: 2026-02-25. Critical: 1, High: 5.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2021-1577 | Critical | 9.1 | 2021-08-25 | A vulnerability in an API endpoint of Cisco Application Policy Infrastructure Controller (APIC) and Cisco Cloud Application Policy Infrastructure Controller (C… |
CVE-2023-20011 | High | 8.8 | 2023-02-23 | A vulnerability in the web-based management interface of Cisco Application Policy Infrastructure Controller (APIC) and Cisco Cloud Network Controller, formerly… |
CVE-2021-1578 | High | 8.8 | 2021-08-25 | A vulnerability in an API endpoint of Cisco Application Policy Infrastructure Controller (APIC) and Cisco Cloud Application Policy Infrastructure Controller (C… |
CVE-2021-1579 | High | 8.1 | 2021-08-25 | A vulnerability in an API endpoint of Cisco Application Policy Infrastructure Controller (APIC) and Cisco Cloud Application Policy Infrastructure Controller (C… |
CVE-2019-1682 | High | 7.8 | 2019-05-03 | A vulnerability in the FUSE filesystem functionality for Cisco Application Policy Infrastructure Controller (APIC) software could allow an authenticated, local… |
CVE-2019-1889 | High | 7.2 | 2019-07-04 | A vulnerability in the REST API for software device management in Cisco Application Policy Infrastructure Controller (APIC) Software could allow an authenticat… |
CVE-2024-20478 | Medium | 6.5 | 2024-08-28 | A vulnerability in the software upgrade component of Cisco Application Policy Infrastructure Controller (APIC) and Cisco Cloud Network Controller, formerl… |
CVE-2021-1581 | Medium | 6.5 | 2021-08-25 | Multiple vulnerabilities in the web UI and API endpoints of Cisco Application Policy Infrastructure Controller (APIC) or Cisco Cloud APIC could allow a remote… |
CVE-2021-1580 | Medium | 6.5 | 2021-08-25 | Multiple vulnerabilities in the web UI and API endpoints of Cisco Application Policy Infrastructure Controller (APIC) or Cisco Cloud APIC could allow a remote… |
CVE-2025-20119 | Medium | 6.0 | 2025-02-26 | A vulnerability in the system file permission handling of Cisco APIC could allow an authenticated, local attacker to overwrite critical system files, which cou… |
CVE-2026-20107 | Medium | 5.5 | 2026-02-25 | A vulnerability in the Object Model CLI component of Cisco Application Policy Infrastructure Controller (APIC) could allow an authenticated, local attacker to… |
CVE-2020-3335 | Medium | 5.5 | 2020-06-03 | A vulnerability in the key store of Cisco Application Services Engine Software could allow an authenticated, local attacker to read sensitive information of ot… |
CVE-2023-20230 | Medium | 5.4 | 2023-08-23 | A vulnerability in the restricted security domain implementation of Cisco Application Policy Infrastructure Controller (APIC) could allow an authenticated, rem… |
CVE-2021-1582 | Medium | 5.4 | 2021-08-25 | A vulnerability in the web UI of Cisco Application Policy Infrastructure Controller (APIC) or Cisco Cloud APIC could allow an authenticated, remote attacker to… |
CVE-2019-1838 | Medium | 5.4 | 2019-05-03 | A vulnerability in the web-based management interface of Cisco Application Policy Infrastructure Controller (APIC) could allow an authenticated, remote attacke… |
CVE-2020-3333 | Medium | 5.3 | 2020-06-03 | A vulnerability in the API of Cisco Application Services Engine Software could allow an unauthenticated, remote attacker to update event policies on an affecte… |
CVE-2020-3139 | Medium | 5.3 | 2020-01-26 | A vulnerability in the out of band (OOB) management interface IP table rule programming for Cisco Application Policy Infrastructure Controller (APIC) could all… |
CVE-2019-1692 | Medium | 5.3 | 2019-05-03 | A vulnerability in the web-based management interface of Cisco Application Policy Infrastructure Controller (APIC) Software could allow an unauthenticated, rem… |
CVE-2025-20117 | Medium | 5.1 | 2025-02-26 | A vulnerability in the CLI of Cisco APIC could allow an authenticated, local attacker to execute arbitrary commands as root on the underlying operating sy… |
CVE-2025-20116 | Medium | 4.8 | 2025-02-26 | A vulnerability in the web UI of Cisco APIC could allow an authenticated, remote attacker to perform a stored XSS attack on an affected system. To exploit this… |