Cisco Application Policy Infrastructure Controller Unauthorized Policy Actions Vulnerability
|
System information
|
| |
|
|
Affected software |
Cisco |
Description
|
A vulnerability in the restricted security domain implementation of Cisco Application Policy Infrastructure Controller (APIC) could allow an authenticated, remote attacker to read, modify, or delete non-tenant policies (for example, access policies) created by users associated with a different security domain on an affected system. This vulnerability is due to improper access control when restricted security domains are used to implement multi-tenancy for policies outside the tenant boundaries.
More info:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apic-uapa-F4TAShk?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Application%20Policy%20Infrastructure%20Controller%20Unauthorized%20Policy%20Actions%20Vulnerability&vs_k=1 |
Standar resources
|
|
Property |
Value |
|
CVE |
CVE-2023-20230. |
