Unrated severityNVD Advisory· Published Jul 24, 2015· Updated May 6, 2026

CVE-2015-4235

Description

Cisco Application Policy Infrastructure Controller (APIC) devices with software before 1.0(3o) and 1.1 before 1.1(1j) and Nexus 9000 ACI devices with software before 11.0(4o) and 11.1 before 11.1(1j) do not properly restrict access to the APIC filesystem, which allows remote authenticated users to obtain root privileges via unspecified use of the APIC cluster-management configuration feature, aka Bug IDs CSCuu72094 and CSCuv11991.

Affected products

Cisco Systems, Inc./Application Policy Infrastructure Controller \(apic\)
cpe:2.3:o:cisco:application_policy_infrastructure_controller_\(apic\):1.0\(1e\):*:*:*:*:*:*:*
Cisco Systems, Inc./Nx Os11 versions
cpe:2.3:o:cisco:nx-os:11.0\(1b\):*:*:*:*:*:*:*+ 10 more
- cpe:2.3:o:cisco:nx-os:11.0\(1b\):*:*:*:*:*:*:*
- cpe:2.3:o:cisco:nx-os:11.0\(1c\):*:*:*:*:*:*:*
- cpe:2.3:o:cisco:nx-os:11.0\(1d\):*:*:*:*:*:*:*
- cpe:2.3:o:cisco:nx-os:11.0\(1e\):*:*:*:*:*:*:*
- cpe:2.3:o:cisco:nx-os:11.0\(2j\):*:*:*:*:*:*:*
- cpe:2.3:o:cisco:nx-os:11.0\(2m\):*:*:*:*:*:*:*
- cpe:2.3:o:cisco:nx-os:11.0\(3f\):*:*:*:*:*:*:*
- cpe:2.3:o:cisco:nx-os:11.0\(3i\):*:*:*:*:*:*:*
- cpe:2.3:o:cisco:nx-os:11.0\(3k\):*:*:*:*:*:*:*
- cpe:2.3:o:cisco:nx-os:11.0\(3n\):*:*:*:*:*:*:*
- cpe:2.3:o:cisco:nx-os:11.0\(4h\):*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150722-apicnvdVendor Advisory
www.securitytracker.com/id/1033025nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000