cisco application-policy-infrastructure-controller CVE-2021-1578 vulnerability in Cisco Products
Published on August 25, 2021

Cisco Application Policy Infrastructure Controller Privilege Escalation Vulnerability
A vulnerability in an API endpoint of Cisco Application Policy Infrastructure Controller (APIC) and Cisco Cloud Application Policy Infrastructure Controller (Cloud APIC) could allow an authenticated, remote attacker to elevate privileges to Administrator on an affected device. This vulnerability is due to an improper policy default setting. An attacker could exploit this vulnerability by using a non-privileged credential for Cisco ACI Multi-Site Orchestrator (MSO) to send a specific API request to a managed Cisco APIC or Cloud APIC device. A successful exploit could allow the attacker to obtain Administrator credentials on the affected device.

Vendor Advisory NVD

Vulnerability Analysis

CVE-2021-1578 is exploitable with network access, and requires small amount of user privileges. This vulnerability is considered to have a low attack complexity. The potential impact of an exploit of this vulnerability is considered to be very high.

Attack Vector:
NETWORK
Attack Complexity:
LOW
Privileges Required:
LOW
User Interaction:
NONE
Scope:
UNCHANGED
Confidentiality Impact:
HIGH
Integrity Impact:
HIGH
Availability Impact:
HIGH

Weakness Type

What is a Failing Open Vulnerability?

When the product encounters an error condition or failure, its design requires it to fall back to a state that is less secure than other options that are available, such as selecting the weakest encryption algorithm or using the most permissive access control restrictions. By entering a less secure state, the product inherits the weaknesses associated with that state, making it easier to compromise. At the least, it causes administrators to have a false sense of security. This weakness typically occurs as a result of wanting to "fail functional" to minimize administration and support costs, instead of "failing safe."

CVE-2021-1578 has been classified to as a Failing Open vulnerability or weakness.


Products Associated with CVE-2021-1578

stack.watch emails you whenever new vulnerabilities are published in Cisco Application Policy Infrastructure Controller or Cisco Cloud Application Policy Infrastructure Controller. Just hit a watch button to start following.

Cisco Application Policy Infrastructure Controller
 
Cisco Cloud Application Policy Infrastructure Controller
 

Affected Versions

Cisco Application Policy Infrastructure Controller (APIC) Version n/a is affected by CVE-2021-1578

Exploit Probability

EPSS
1.05%
Percentile
77.34%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.