CVE-2021-1579: Cisco Application Policy Infrastructure Controller App Privilege Escalation Vulnerability
First published: Wed Aug 25 2021(Updated: )
A vulnerability in an API endpoint of Cisco Application Policy Infrastructure Controller (APIC) and Cisco Cloud Application Policy Infrastructure Controller (Cloud APIC) could allow an authenticated, remote attacker with Administrator read-only credentials to elevate privileges on an affected system. This vulnerability is due to an insufficient role-based access control (RBAC). An attacker with Administrator read-only credentials could exploit this vulnerability by sending a specific API request using an app with admin write credentials. A successful exploit could allow the attacker to elevate privileges to Administrator with write privileges on the affected device.
Credit: ykramarz@cisco.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cisco Application Policy Infrastructure Controller | <3.2\(10f\) | |
| Cisco Application Policy Infrastructure Controller | >=4.0<4.2\(7l\) | |
| Cisco Application Policy Infrastructure Controller | >=5.0<5.2\(2f\) | |
| Cisco Cloud Application Policy Infrastructure Controller | <3.2\(10f\) | |
| Cisco Cloud Application Policy Infrastructure Controller | >=4.0<4.2\(7l\) | |
| Cisco Cloud Application Policy Infrastructure Controller | >=5.0<5.2\(2f\) |
Remedy
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-capic-chvul-CKfGYBh8
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2021-1579?
CVE-2021-1579 is a vulnerability in an API endpoint of Cisco Application Policy Infrastructure Controller (APIC) and Cisco Cloud Application Policy Infrastructure Controller (Cloud APIC) that allows an attacker to elevate privileges on an affected system.
How severe is CVE-2021-1579?
CVE-2021-1579 has a severity rating of 8.8, which is considered critical.
Which software is affected by CVE-2021-1579?
Cisco Application Policy Infrastructure Controller (APIC) and Cisco Cloud Application Policy Infrastructure Controller (Cloud APIC) versions up to 3.2(10f), 4.0 to 4.2(7l), and 5.0 to 5.2(2f) are affected by CVE-2021-1579.
How can an attacker exploit CVE-2021-1579?
An attacker with Administrator read-only credentials can exploit CVE-2021-1579 by using an API endpoint to elevate their privileges on the affected system.
Where can I find more information about CVE-2021-1579?
You can find more information about CVE-2021-1579 in the Cisco Security Advisory: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-capic-chvul-CKfGYBh8
- collector/nvd-index
- agent/weakness
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/author
- agent/title
- agent/remedy
- agent/severity
- agent/references
- agent/last-modified-date
- agent/tags
- agent/description
- agent/first-publish-date
- agent/event
- vendor/cisco
- canonical/cisco application policy infrastructure controller
- version/cisco application policy infrastructure controller/4.0
- version/cisco application policy infrastructure controller/5.0
- canonical/cisco cloud application policy infrastructure controller
- version/cisco cloud application policy infrastructure controller/4.0
- version/cisco cloud application policy infrastructure controller/5.0