Cisco Notification Alert -SDN_ONE - APIC-01-Mar-2016 17:49 GMT

Feedback Sign Up Unsubscribe         Security Advisories & Responses - Application Policy Infrastructure Controller (APIC) Title: Cisco Application Policy Infrastructure Controller Access Control Vulnerability Description: A vulnerability in the role-based access control (RBAC) of the Cisco Application Policy Infrastructure Controller (APIC) could allow an authenticated remote user to make configuration changes outside of their configured access privileges.   The vulnerability is due to eligibility logic in the RBAC processing code. An authenticated user could exploit this vulnerability by sending specially crafted representational state transfer (REST) requests to the APIC. An exploit could allow the authenticated user to make configuration changes to the APIC beyond the configured privilege for their role. Cisco has released software updates that address this vulnerability. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160203-apic Date: 03-FEB-2016 Find additional information in Cisco Security Advisories & Responses Software Updates for Application Policy Infrastructure Controller (APIC) Product Name: Application Policy Infrastructure Controller (APIC) Software Type: APIC Software Release Version: 1.1(4f) Alert Type: New File File Name: CiscoAVS_1.7-5.2.1.SV3.1.7-pkg.zip File Description: Cisco Application Virtual Switch File Release Date: 25-FEB-2016 Software Updates for Application Policy Infrastructure Controller (APIC) Product Name: Application Policy Infrastructure Controller (APIC) Software Type: APIC Software Release Version: 1.1(2i) Alert Type: New File File Name: aci-msft-pkg-1.1.2i.zip File Description: APIC Microsoft Package for 1.1(2i) Release File Release Date: 15-FEB-2016 Alert Type: New File File Name: aci-n9000-dk9.11.1.2i.bin File Description: Cisco Nexus 9000 Series ACI Mode Switch Software Release 11.1(2i) File Release Date: 15-FEB-2016 Alert Type: New File File Name: aci-apic-dk9.1.1.2i.iso File Description: APIC Software Release for 1.1(2i) File Release Date: 15-FEB-2016 Software Updates for Application Policy Infrastructure Controller (APIC) Product Name: Application Policy Infrastructure Controller (APIC) Software Type: APIC Software Release Version: 1.1(4g) Alert Type: New File File Name: CiscoAVS_1.7-5.2.1.SV3.1.7-pkg.zip File Description: Cisco Application Virtual Switch File Release Date: 25-FEB-2016 Software Updates for Application Policy Infrastructure Controller (APIC) Product Name: Application Policy Infrastructure Controller (APIC) Software Type: APIC Software Release Version: 1.2(2h) Alert Type: New File File Name: aci-n9000-dk9.11.2.2h.bin File Description: Cisco Nexus 9000 Series ACI Mode Switch Software Release 11.2(2h) File Release Date: 27-FEB-2016 Alert Type: New File File Name: apic-vrealize-1.2.2h.tgz File Description: VRA Image for 1.2(2h) Release File Release Date: 27-FEB-2016 Alert Type: New File File Name: aci-apic-dk9.1.2.2h.iso File Description: APIC Image for 1.2(2h) Release File Release Date: 27-FEB-2016 Software Updates for Application Policy Infrastructure Controller (APIC) Product Name: Application Policy Infrastructure Controller (APIC) Software Type: APIC Software Release Version: 1.2(1m) Alert Type: New File File Name: aci-msft-pkg-1.2.1m.zip File Description: APIC Microsoft Package for 1.2(1m) Release File Release Date: 03-FEB-2016 Software Updates for Application Policy Infrastructure Controller (APIC) Product Name: Application Policy Infrastructure Controller (APIC) Software Type: APIC Software Release Version: 1.2(1k) Alert Type: Deferral Notice File Name: apic-vrealize-1.2.1k.tgz File Description: VRA image for 1.2(1k) release Deferral Notice Date: 24-FEB-2016 Alert Type: Deferral Notice File Name: aci-apic-dk9.1.2.1k.iso File Description: APIC image for 1.2(1k) release Deferral Notice Date: 24-FEB-2016 Alert Type: Deferral Notice File Name: aci-n9000-dk9.11.2.1k.bin File Description: Cisco Nexus 9000 Series ACI Mode Switch Software Release 11.2(1k) Deferral Notice Date: 24-FEB-2016 Alert Type: Deferral Notice File Name: aci-msft-pkg-1.2.1k.zip File Description: APIC Microsoft Package for 1.2(1k) Release Deferral Notice Date: 24-FEB-2016 Software Updates for Application Policy Infrastructure Controller (APIC) Product Name: Application Policy Infrastructure Controller (APIC) Software Type: APIC Software Release Version: 1.2(1i) Alert Type: Deferral Notice File Name: aci-apic-dk9.1.2.1i.iso File Description: APIC image for 1.2(1i) Release Deferral Notice Date: 24-FEB-2016 Alert Type: Deferral Notice File Name: apic-vrealize-1.2.1i.tgz File Description: vrealize image for 1.2(1i) Deferral Notice Date: 24-FEB-2016 Alert Type: Deferral Notice File Name: aci-n9000-dk9.11.2.1i.bin File Description: Cisco Nexus 9000 Series ACI Mode Switch Software Release 11.2(1i) Deferral Notice Date: 24-FEB-2016 Alert Type: Deferral Notice File Name: aci-msft-pkg-1.2.1i.zip File Description: APIC Microsoft Package for 1.2(1i) Release Deferral Notice Date: 24-FEB-2016 Software Updates for Application Policy Infrastructure Controller (APIC) Product Name: Application Policy Infrastructure Controller (APIC) Software Type: APIC Software Release Version: 1.2(2g) Alert Type: New File File Name: aci-msft-pkg-1.2.2g.zip File Description: ACI and Microsoft integration package for 1.2(2g) release File Release Date: 24-FEB-2016 Find additional information in Software Downloads index.   2015 Cisco and/or its affiliates. All rights reserved. Terms & Conditions | Privacy Statement | Cookie Policy | Trademarks