Cisco APIC Authenticated Local Denial-of-Service Vulnerability

Vulnerability

A vulnerability exists in the system file permission management of Cisco Application Policy Infrastructure Controller (APIC). This vulnerability allows an authenticated, local attacker with administrative credentials to overwrite critical system files, potentially leading to a denial-of-service (DoS) condition. The issue arises from a race condition in file handling, which an attacker could exploit by performing specific operations on the file system. Successful exploitation could disrupt the device's normal operation, causing it to enter an inconsistent state and create a DoS condition.

Impact

Exploitation of this vulnerability can cause a denial-of-service condition on the affected device, leading to a disruption of normal operations and services.

Remediation

Cisco has released software updates to address this vulnerability. For Cisco APIC releases 5.3 and earlier, users are advised to migrate to a fixed release. In the 6.0 train, the first fixed release is 6.0(8e); in the 6.1 train, the first fixed release is 6.1(2f).
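The following is an added example, not Cisco's tooling or part of the original entry, that turns the fixed releases above into an inventory check. It assumes APIC version strings follow the major.minor(maintenance letter) form used in the advisory (e.g. 6.0(8e)), treats 5.3 and earlier as requiring migration, and reports trains the advisory does not list as not covered rather than guessing.

```python
import re
from typing import Tuple

# First fixed releases as stated in the advisory, keyed by release train.
FIRST_FIXED = {
    (6, 0): "6.0(8e)",
    (6, 1): "6.1(2f)",
}

# Assumed format: major.minor(maintenance[letter]); the letter may be absent.
_VERSION_RE = re.compile(r"^(\d+)\.(\d+)\((\d+)([a-z]?)\)$")


def parse_apic_version(version: str) -> Tuple[int, int, int, str]:
    """Parse '6.0(8e)' into (6, 0, 8, 'e'); a missing letter sorts before any letter."""
    m = _VERSION_RE.match(version.strip())
    if not m:
        raise ValueError(f"unrecognised APIC version string: {version!r}")
    major, minor, maint, letter = m.groups()
    return (int(major), int(minor), int(maint), letter)


def assess(version: str) -> str:
    """Classify an installed version against the advisory's fixed releases.

    Returns 'fixed', 'vulnerable', or 'not-covered' (trains the advisory does not list).
    """
    parsed = parse_apic_version(version)
    train = parsed[:2]
    # 5.3 and earlier: the advisory gives no in-train fix; migration is required.
    if train <= (5, 3):
        return "vulnerable"
    fixed = FIRST_FIXED.get(train)
    if fixed is None:
        return "not-covered"
    return "fixed" if parsed >= parse_apic_version(fixed) else "vulnerable"


if __name__ == "__main__":
    # Constructed sample inventory, not real devices.
    for v in ["5.2(7f)", "6.0(7d)", "6.0(8e)", "6.0(9c)", "6.1(1g)", "6.1(2f)", "6.2(1a)"]:
        print(f"{v:10s} -> {assess(v)}")
```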

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm
  spread          1.4
  impact          3.1
  exploitability  2.6
  remediation     7.7
  relevance       0.0
  threat          0.0
  urgency         2.9
  incentive       1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.