Privilege Escalation in Cisco Application Policy Infrastructure Controller
CVE-2017-6767

7.1 HIGH

Key Information:

Vendor: Cisco
CVE Published: 16 August 2017

Summary

A vulnerability in the Cisco Application Policy Infrastructure Controller (APIC) allows an authenticated remote attacker to elevate their privileges beyond what is typically assigned. The cause is a flaw in how Role-Based Access Control (RBAC) manages permissions during SSH logins. When an attacker gains access to the device, their privilege level can be set to match that of the last user logged in, enabling them to execute CLI commands that should be restricted based on their original role. Although exploitation does not grant root-level access, it presents significant risks of unauthorized actions within network environments.

Affected Version(s)

Application Policy Infrastructure Controller (APIC) 1.0(1e), 1.0(1h), 1.0(1k), 1.0(1n), 1.0(2j), 1.0(2m), 1.0(3f), 1.0(3i), 1.0(3k), 1.0(3n), 1.0(4h), 1.0(4o)

Application Policy Infrastructure Controller (APIC) 1.1(0.920a), 1.1(1j), 1.1(3f)

Application Policy Infrastructure Controller (APIC) 1.2 Base, 1.2(2), 1.2(3), 1.2.2

CVSS V3.1

Score: 7.1
Severity: HIGH
Confidentiality: High
Integrity: High
Availability: High
Attack Vector: Network
Attack Complexity: High
Privileges Required: Low
User Interaction: Required
Scope: Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved
