fkie_cve-2025-20117
Vulnerability from fkie_nvd
Published
2025-02-26 17:15
Modified
2025-07-31 17:37
Severity ?
5.1 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:N
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
A vulnerability in the CLI of Cisco APIC could allow an authenticated, local attacker to execute arbitrary commands as root on the underlying operating system of an affected device. To exploit this vulnerability, the attacker must have valid administrative credentials.
This vulnerability is due to insufficient validation of arguments that are passed to specific CLI commands. An attacker could exploit this vulnerability by including crafted input as the argument of an affected CLI command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with the privileges of root.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.2\\(1l\\):*:*:*:*:*:*:*",
"matchCriteriaId": "B98F6DE0-E0BB-4964-8A05-C65F5165621B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.2\\(1m\\):*:*:*:*:*:*:*",
"matchCriteriaId": "D70E3895-DCB3-4172-B98C-6E40F0A4F418",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.2\\(2l\\):*:*:*:*:*:*:*",
"matchCriteriaId": "6CAD7459-DE32-4CCD-8FD9-E51E78F5E6A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.2\\(2o\\):*:*:*:*:*:*:*",
"matchCriteriaId": "AB7047CE-3246-4148-A976-816F52955EA9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.2\\(3i\\):*:*:*:*:*:*:*",
"matchCriteriaId": "195681EC-2C51-4E03-9D6B-98775F91CCDD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.2\\(3j\\):*:*:*:*:*:*:*",
"matchCriteriaId": "2159857F-B8BA-4C08-B3B0-F94D391A6396",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.2\\(3n\\):*:*:*:*:*:*:*",
"matchCriteriaId": "3110702B-17B0-4CC0-ACF1-373E46B434B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.2\\(3o\\):*:*:*:*:*:*:*",
"matchCriteriaId": "B4DC07AC-B0E9-4963-843E-FFA9461FFBB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.2\\(3r\\):*:*:*:*:*:*:*",
"matchCriteriaId": "99D0E93D-8D70-4232-85B5-916DF9094FC3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.2\\(3s\\):*:*:*:*:*:*:*",
"matchCriteriaId": "43499579-9B0B-439E-8E75-18E7B42799FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.2\\(4d\\):*:*:*:*:*:*:*",
"matchCriteriaId": "D7F5A4B6-B2E7-419F-A051-CBA3EC4A36C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.2\\(4e\\):*:*:*:*:*:*:*",
"matchCriteriaId": "41FEF58C-6E55-4B50-A26A-0D6CC162572B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.2\\(5d\\):*:*:*:*:*:*:*",
"matchCriteriaId": "AFD7A2FE-4858-4929-98CF-D830D5ADC570",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.2\\(5e\\):*:*:*:*:*:*:*",
"matchCriteriaId": "FF6ABA87-08F5-4C89-B0A2-D209B6305E05",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.2\\(5f\\):*:*:*:*:*:*:*",
"matchCriteriaId": "01076AAB-79F9-40B8-BE1F-411EED87867A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.2\\(6i\\):*:*:*:*:*:*:*",
"matchCriteriaId": "76E4E4F2-9567-471E-AC73-5CD6AD338C95",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.2\\(7f\\):*:*:*:*:*:*:*",
"matchCriteriaId": "FEAD3085-3271-4E28-9E55-2ED813D796F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.2\\(7k\\):*:*:*:*:*:*:*",
"matchCriteriaId": "80ADB11A-4D8C-4C2D-A483-E5BCD0B52B45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.2\\(8d\\):*:*:*:*:*:*:*",
"matchCriteriaId": "BF518C44-E1F8-4443-9D73-D620158E7946",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.2\\(9b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "569D4548-EE9D-4F33-A6EE-21A7ADF2514E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.2\\(9f\\):*:*:*:*:*:*:*",
"matchCriteriaId": "46F2A714-DA33-449E-9C99-C8D8C15647D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.2\\(9h\\):*:*:*:*:*:*:*",
"matchCriteriaId": "A36D5184-55D1-4CBA-91BC-5E077FB07E3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.2\\(10e\\):*:*:*:*:*:*:*",
"matchCriteriaId": "D155016D-6988-4489-A4A1-BFDFB8F702A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.2\\(10f\\):*:*:*:*:*:*:*",
"matchCriteriaId": "1C036D5F-67EE-45CE-8D47-2BF483A14922",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.2\\(10g\\):*:*:*:*:*:*:*",
"matchCriteriaId": "B468C9AE-396E-445B-AC5D-EAB1BB8EDFEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:application_policy_infrastructure_controller:3.2\\(41d\\):*:*:*:*:*:*:*",
"matchCriteriaId": "3686F336-5D02-4984-B465-762EA7AB747D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.0\\(1h\\):*:*:*:*:*:*:*",
"matchCriteriaId": "DA2A1A67-093B-4B8D-92EC-74BBDEDC91AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.0\\(2c\\):*:*:*:*:*:*:*",
"matchCriteriaId": "E6D53DB7-C376-481B-9FF5-745290EE2F4E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.0\\(3c\\):*:*:*:*:*:*:*",
"matchCriteriaId": "A59205CF-AB56-4902-BE58-2823B432A32C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.0\\(3d\\):*:*:*:*:*:*:*",
"matchCriteriaId": "BF203A26-8EE3-4570-89EB-2C06F228222D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.1\\(1a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "0530224D-F85F-41CD-ADF9-29DF060C3BA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.1\\(1i\\):*:*:*:*:*:*:*",
"matchCriteriaId": "807B4B19-7346-4F9A-AC07-ACC9F1AE145E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.1\\(1j\\):*:*:*:*:*:*:*",
"matchCriteriaId": "5775342D-C7A7-454E-BE3C-D0BF0C045C20",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.1\\(1k\\):*:*:*:*:*:*:*",
"matchCriteriaId": "9496DBE9-0688-49F4-9A13-6AB427BB3663",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.1\\(1l\\):*:*:*:*:*:*:*",
"matchCriteriaId": "2DFEF7C4-26F5-4F58-9063-811247E40EAC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.1\\(2g\\):*:*:*:*:*:*:*",
"matchCriteriaId": "B9863BBC-56C8-44FC-B30A-5D12C74B3779",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.1\\(2m\\):*:*:*:*:*:*:*",
"matchCriteriaId": "4E54667F-863C-4FC7-8DF2-5515D6766B0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.1\\(2o\\):*:*:*:*:*:*:*",
"matchCriteriaId": "93D1B627-4C61-4A86-8C39-D5C1152F0EE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.1\\(2s\\):*:*:*:*:*:*:*",
"matchCriteriaId": "632F2791-A9E9-4902-9F5F-51F5D8A025AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.1\\(2u\\):*:*:*:*:*:*:*",
"matchCriteriaId": "511B92C9-9E6D-4919-9CF3-BCAE7802B5A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.1\\(2w\\):*:*:*:*:*:*:*",
"matchCriteriaId": "69D2E5F9-6A86-4F9A-9E71-BA682301D1AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.1\\(2x\\):*:*:*:*:*:*:*",
"matchCriteriaId": "706A76CD-F18D-4B95-B996-B0160A91CD7F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\\(1g\\):*:*:*:*:*:*:*",
"matchCriteriaId": "46CDDD7F-018A-4AD7-BBE2-F8602F2BA931",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\\(1i\\):*:*:*:*:*:*:*",
"matchCriteriaId": "C47A6A0E-84B9-4DE4-98EB-1065E18C2D2C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\\(1j\\):*:*:*:*:*:*:*",
"matchCriteriaId": "AA157F60-606D-4A5C-8437-D7970C7FA8D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\\(1l\\):*:*:*:*:*:*:*",
"matchCriteriaId": "87ED09DD-8305-4CF9-B174-644AC585C92B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\\(2e\\):*:*:*:*:*:*:*",
"matchCriteriaId": "BF98D3C8-A0C6-46EA-9B62-3850868B36A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\\(2f\\):*:*:*:*:*:*:*",
"matchCriteriaId": "9BD24A82-0BF7-4B90-BA36-BD6AB204304B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\\(2g\\):*:*:*:*:*:*:*",
"matchCriteriaId": "0EA99D3C-21C0-4432-AE97-8F750C8D4D2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\\(3j\\):*:*:*:*:*:*:*",
"matchCriteriaId": "095A0E88-E216-4070-A458-8ED6041469B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\\(3l\\):*:*:*:*:*:*:*",
"matchCriteriaId": "B9E0FDA1-5C75-4683-B24C-4486EC7E3E72",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\\(3n\\):*:*:*:*:*:*:*",
"matchCriteriaId": "CCD0F519-2B3B-4AF1-BC30-12B8F5F0F54A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\\(3q\\):*:*:*:*:*:*:*",
"matchCriteriaId": "8376ED28-4A53-4E54-94C2-B1C2A744729B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\\(4i\\):*:*:*:*:*:*:*",
"matchCriteriaId": "961D987E-71F7-4CF4-BDAA-0B6ABDEF05D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\\(4k\\):*:*:*:*:*:*:*",
"matchCriteriaId": "A584271A-0F2B-4B55-A14B-FA55BC8BD981",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\\(4o\\):*:*:*:*:*:*:*",
"matchCriteriaId": "9D87AD83-B69E-4C79-9362-984FBD4096B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\\(4p\\):*:*:*:*:*:*:*",
"matchCriteriaId": "3930A258-9C03-49E0-B935-136847EF05E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\\(5k\\):*:*:*:*:*:*:*",
"matchCriteriaId": "7821B4A2-FFF5-4E2E-B360-9000DD0A1980",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\\(5l\\):*:*:*:*:*:*:*",
"matchCriteriaId": "08254391-0BEC-4110-8AAF-44B66E76569B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\\(5n\\):*:*:*:*:*:*:*",
"matchCriteriaId": "6A8CCC02-5269-47CA-9DEE-FB9DF0AEAC93",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\\(6d\\):*:*:*:*:*:*:*",
"matchCriteriaId": "0BB6B9B5-9B85-49FC-83F6-3CD2C3B92D0E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\\(6g\\):*:*:*:*:*:*:*",
"matchCriteriaId": "A5627AF1-FB65-44F1-A7E2-98D6B2767887",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\\(6h\\):*:*:*:*:*:*:*",
"matchCriteriaId": "AF23AD6E-B875-4895-BC82-EA6305927487",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\\(6l\\):*:*:*:*:*:*:*",
"matchCriteriaId": "B8418157-E12F-4F97-9FAE-601C9BE25D0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\\(6o\\):*:*:*:*:*:*:*",
"matchCriteriaId": "270B4C0E-796A-43B3-B3BE-D8C0DF0C0F3E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\\(7f\\):*:*:*:*:*:*:*",
"matchCriteriaId": "E9FDB03C-8B6F-46B2-930A-BD105E41D2FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\\(7l\\):*:*:*:*:*:*:*",
"matchCriteriaId": "9FA2AA37-6DA9-43D8-9D21-E1ECED85A509",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\\(7q\\):*:*:*:*:*:*:*",
"matchCriteriaId": "5088B144-3349-4E6F-8978-B96FA7AC420F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\\(7r\\):*:*:*:*:*:*:*",
"matchCriteriaId": "08791B2A-6B2F-4BAE-9E9B-0B2E5F8B610D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\\(7s\\):*:*:*:*:*:*:*",
"matchCriteriaId": "A3067079-4CE4-4F29-BFDB-2CDACD003BD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\\(7t\\):*:*:*:*:*:*:*",
"matchCriteriaId": "4CC183AB-16F7-4C43-8F2F-F7508005A82B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\\(7u\\):*:*:*:*:*:*:*",
"matchCriteriaId": "FB58D50B-68C3-40A3-8E0C-151511E22978",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\\(7v\\):*:*:*:*:*:*:*",
"matchCriteriaId": "693E0E3A-0AA3-4556-930F-79A13A4506ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:application_policy_infrastructure_controller:4.2\\(7w\\):*:*:*:*:*:*:*",
"matchCriteriaId": "0875EE60-A0CE-44C2-AE3A-42BF383BA710",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.0\\(1k\\):*:*:*:*:*:*:*",
"matchCriteriaId": "8B412D14-9F6F-4608-8CF8-3AE74A694BA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.0\\(1l\\):*:*:*:*:*:*:*",
"matchCriteriaId": "BB19FC9F-C52E-48B5-B6F5-5B39F016DC18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.0\\(2e\\):*:*:*:*:*:*:*",
"matchCriteriaId": "091E80DF-2FCF-466D-8D41-A6F5513C0180",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.0\\(2h\\):*:*:*:*:*:*:*",
"matchCriteriaId": "F1BBC0EE-5C05-4E88-95CC-2FEB7ABE95C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.1\\(1h\\):*:*:*:*:*:*:*",
"matchCriteriaId": "7587DDE3-79E4-4A7A-B02D-D407B99B6CB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.1\\(2e\\):*:*:*:*:*:*:*",
"matchCriteriaId": "1C4E68E4-7893-4DC3-9464-03689AEBB2BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.1\\(3e\\):*:*:*:*:*:*:*",
"matchCriteriaId": "3DE195AC-67AA-45CD-8F81-96B5B4859869",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.1\\(4c\\):*:*:*:*:*:*:*",
"matchCriteriaId": "35BFCBA5-DDA2-4DC6-BD12-CF1D58CB73F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.2\\(1g\\):*:*:*:*:*:*:*",
"matchCriteriaId": "92295C80-3DEB-47C8-A26F-CFA156C88B34",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.2\\(2e\\):*:*:*:*:*:*:*",
"matchCriteriaId": "CD9A687B-642A-4646-A85C-8F5C41B8CD15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.2\\(2f\\):*:*:*:*:*:*:*",
"matchCriteriaId": "697D5222-9FDC-430A-B4AD-18C43606B59B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.2\\(2g\\):*:*:*:*:*:*:*",
"matchCriteriaId": "4ABB3875-2D9B-4EF5-9DF5-0E7C2E180167",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.2\\(2h\\):*:*:*:*:*:*:*",
"matchCriteriaId": "4D660DE6-B3F1-498D-9F0C-919D4FD81913",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.2\\(3e\\):*:*:*:*:*:*:*",
"matchCriteriaId": "8BEE0A24-B301-4693-965B-9EDF4FB3E652",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.2\\(3f\\):*:*:*:*:*:*:*",
"matchCriteriaId": "832E8780-1C4F-42EE-B3DB-C36D5C39330A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.2\\(3g\\):*:*:*:*:*:*:*",
"matchCriteriaId": "BA0E35AD-664F-4A1B-A651-9A6D6699133E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.2\\(4d\\):*:*:*:*:*:*:*",
"matchCriteriaId": "B487C5E8-FCDB-4EDC-85A0-69B9143B8C24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.2\\(4e\\):*:*:*:*:*:*:*",
"matchCriteriaId": "B1DA2E2F-D519-46E1-AF0F-1B068EE8CF41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.2\\(4f\\):*:*:*:*:*:*:*",
"matchCriteriaId": "19E2370A-EDBD-4F39-9AA2-BB1B48DBC6F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.2\\(4h\\):*:*:*:*:*:*:*",
"matchCriteriaId": "B13102E2-A4B5-4E8E-AFBF-7D2824DF07D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.2\\(5c\\):*:*:*:*:*:*:*",
"matchCriteriaId": "1E304F25-6F50-4C86-B488-F3CB80601FC7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.2\\(5d\\):*:*:*:*:*:*:*",
"matchCriteriaId": "A56BE783-4995-4EE9-90C8-6BAE73588A55",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.2\\(5e\\):*:*:*:*:*:*:*",
"matchCriteriaId": "EE12D57D-B08E-46DE-9048-F608B1D0432A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.2\\(6e\\):*:*:*:*:*:*:*",
"matchCriteriaId": "36DD76D9-2703-40AF-B154-9F3A268473D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.2\\(6g\\):*:*:*:*:*:*:*",
"matchCriteriaId": "2AFA2721-32D2-4877-BCAB-8E965AAB0B28",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.2\\(6h\\):*:*:*:*:*:*:*",
"matchCriteriaId": "CC4FB4EB-87BE-4A1B-AB68-9B12F2372090",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.2\\(7f\\):*:*:*:*:*:*:*",
"matchCriteriaId": "8638CF95-3422-4F8D-AE5D-FF7F76BFC456",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.2\\(7g\\):*:*:*:*:*:*:*",
"matchCriteriaId": "857F16AE-D927-44E8-B268-F7A2FC4503B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.2\\(8d\\):*:*:*:*:*:*:*",
"matchCriteriaId": "B178BD85-E906-4D5E-9710-22C394038EFA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.2\\(8e\\):*:*:*:*:*:*:*",
"matchCriteriaId": "FC7D76A6-9CEF-4E74-A991-37725A46A045",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.2\\(8f\\):*:*:*:*:*:*:*",
"matchCriteriaId": "224C813A-61E2-4FE7-A012-8C50D90CB633",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.2\\(8g\\):*:*:*:*:*:*:*",
"matchCriteriaId": "7D57E315-9795-4AB2-A36D-1979AA3B65E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.2\\(8h\\):*:*:*:*:*:*:*",
"matchCriteriaId": "010B771A-30B2-4892-B028-08C9AEC170BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.2\\(8i\\):*:*:*:*:*:*:*",
"matchCriteriaId": "94AEA808-C9C3-4C54-A717-6FB3BC4A32EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.3\\(1d\\):*:*:*:*:*:*:*",
"matchCriteriaId": "CA3ED35C-255F-43D3-A9A9-81AAEA1F3AFB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.3\\(2a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "6B1284FC-805B-4C57-931A-BA422A648777",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.3\\(2b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "4BD6BCF2-81B0-4118-9C34-55AEFFAB62BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.3\\(2c\\):*:*:*:*:*:*:*",
"matchCriteriaId": "7CCD0606-F883-469B-BA82-B372B2F33D8D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.3\\(2d\\):*:*:*:*:*:*:*",
"matchCriteriaId": "8F69DA2D-379F-437A-9284-B5C98BC9F94D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:application_policy_infrastructure_controller:5.3\\(2e\\):*:*:*:*:*:*:*",
"matchCriteriaId": "8D1FF93B-35F0-4CA9-8A7F-4B4B732A81D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:application_policy_infrastructure_controller:6.0\\(1g\\):*:*:*:*:*:*:*",
"matchCriteriaId": "F7699F8E-2A17-421E-8078-7EBECE7C2768",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:application_policy_infrastructure_controller:6.0\\(1j\\):*:*:*:*:*:*:*",
"matchCriteriaId": "C01F1006-7409-459F-A947-7D68D483CCC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:application_policy_infrastructure_controller:6.0\\(2h\\):*:*:*:*:*:*:*",
"matchCriteriaId": "7839A222-2CC0-495D-97E6-2421BFB0B948",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:application_policy_infrastructure_controller:6.0\\(2j\\):*:*:*:*:*:*:*",
"matchCriteriaId": "11F64391-5096-478C-A955-169F4AEBDC55",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:application_policy_infrastructure_controller:6.0\\(3d\\):*:*:*:*:*:*:*",
"matchCriteriaId": "FF29E5EB-2497-4136-9BC7-7E75A6180245",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:application_policy_infrastructure_controller:6.0\\(3e\\):*:*:*:*:*:*:*",
"matchCriteriaId": "1B7CC4CE-1FF6-45BB-AAC7-367593586AB9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:application_policy_infrastructure_controller:6.0\\(3g\\):*:*:*:*:*:*:*",
"matchCriteriaId": "64CFF745-E48F-44B9-8C22-12644F0FF06E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:application_policy_infrastructure_controller:6.0\\(4c\\):*:*:*:*:*:*:*",
"matchCriteriaId": "97954FE9-2CBF-4016-8FDD-CE7423A65BB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:application_policy_infrastructure_controller:6.0\\(5h\\):*:*:*:*:*:*:*",
"matchCriteriaId": "F6714932-BC33-41D0-8032-7ED387C6F80C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:application_policy_infrastructure_controller:6.0\\(5j\\):*:*:*:*:*:*:*",
"matchCriteriaId": "23C425D3-CF4A-4D2D-9FD6-E7B9A9927ED7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:application_policy_infrastructure_controller:6.0\\(6c\\):*:*:*:*:*:*:*",
"matchCriteriaId": "C91678F6-6BF7-4158-9FBD-6C439BE54D8D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:application_policy_infrastructure_controller:6.0\\(7e\\):*:*:*:*:*:*:*",
"matchCriteriaId": "291A6AB2-121A-49AE-94E0-C9A76A87D48A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:application_policy_infrastructure_controller:6.0\\(8d\\):*:*:*:*:*:*:*",
"matchCriteriaId": "7C4E7075-9EFE-4573-A5E5-F15E622A16A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:application_policy_infrastructure_controller:6.1\\(1f\\):*:*:*:*:*:*:*",
"matchCriteriaId": "0B3DA1C0-01DB-4773-81EC-A8574030FC59",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the CLI of Cisco APIC could allow an authenticated, local attacker to execute arbitrary commands as root\u0026nbsp;on the underlying operating system of an affected device. To exploit this vulnerability, the attacker must have valid administrative credentials.\r\n\r\nThis vulnerability is due to insufficient validation of arguments that are passed to specific CLI commands. An attacker could exploit this vulnerability by including crafted input as the argument of an affected CLI command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with the privileges of root."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la CLI de Cisco APIC podr\u00eda permitir que un atacante local autenticado ejecute comandos arbitrarios como superusuario en el sistema operativo subyacente de un dispositivo afectado. Para explotar esta vulnerabilidad, el atacante debe tener credenciales administrativas v\u00e1lidas. Esta vulnerabilidad se debe a una validaci\u00f3n insuficiente de los argumentos que se pasan a comandos CLI espec\u00edficos. Un atacante podr\u00eda explotar esta vulnerabilidad al incluir una entrada manipulada como argumento de un comando CLI afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir que el atacante ejecute comandos arbitrarios en el sistema operativo subyacente con los privilegios de superusuario."
}
],
"id": "CVE-2025-20117",
"lastModified": "2025-07-31T17:37:13.113",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 4.2,
"source": "psirt@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2025-02-26T17:15:22.567",
"references": [
{
"source": "psirt@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apic-multi-vulns-9ummtg5"
}
],
"sourceIdentifier": "psirt@cisco.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-77"
}
],
"source": "psirt@cisco.com",
"type": "Primary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…