Arbitrary Command Execution Vulnerability in Cisco APIC-EM 1.0 (Bug ID CSCux15507)

Arbitrary Command Execution Vulnerability in Cisco APIC-EM 1.0 (Bug ID CSCux15507)

CVE-2016-1365 · HIGH Severity

AV:N/AC:M/AU:S/C:C/I:C/A:C

The Grapevine update process in Cisco Application Policy Infrastructure Controller Enterprise Module (APIC-EM) 1.0 allows remote authenticated users to execute arbitrary commands as root via a crafted upgrade parameter, aka Bug ID CSCux15507.

Learn more about our Cis Benchmark Audit For Cisco.