Guest

Preview Tool

Cisco Bug: CSCuq77485 - RBAC Security not working for health score

Last Modified

Jan 29, 2017

Products (1)

  • Cisco Application Policy Infrastructure Controller (APIC)

Known Affected Releases

1.0(1.110a)

Description (partial)

Symptoms:

A vulnerability in the role-based access control (RBAC) of the Cisco Application Policy Infrastructure Controller (Cisco APIC)  could allow an
authenticated, remote attacker to have ''read'' access to certain information stored in the affected system .

The vulnerability is due to improper handling of role-based access control (RBAC) for health scoring. An attacker could exploit this
vulnerability by gaining access to information that they should not be able to. 

Conditions:
Devices running an affected version of 1.0(1e).
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.