Cisco APIC Authenticated Information Disclosure Vulnerability

Vulnerability

A vulnerability exists in Cisco Application Policy Infrastructure Controller (APIC) that allows an authenticated, local attacker to access sensitive information on an affected device. This issue arises from inadequate masking of sensitive data displayed through system CLI commands. Exploitation of this vulnerability could enable the attacker to gather information that may be used for further attacks.

Impact

Successful exploitation of this vulnerability could lead to unauthorized access to sensitive information on the affected device, potentially facilitating additional attacks.

Remediation

Cisco has released software updates to address this vulnerability. For specific upgrade instructions, consult the Cisco Security Advisories page or contact the Cisco Technical Assistance Center (TAC) or your maintenance provider.

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread: 1.4
impact: 2.5
exploitability: 3.0
remediation: 7.7
relevance: 0.0
threat: 0.0
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.