Cloud API
by Mygardyn
CVEs (9)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-28766 | Cri | 0.60 | 9.3 | 0.00 | Apr 3, 2026 | A specific endpoint exposes all user account information for registered Gardyn users without requiring authentication. | ||
| CVE-2026-25197 | Cri | 0.59 | 9.1 | 0.00 | Apr 3, 2026 | A specific endpoint allows authenticated users to pivot to other user profiles by modifying the id number in the API call. | ||
| CVE-2026-32646 | Hig | 0.49 | 7.5 | 0.00 | Apr 3, 2026 | A specific administrative endpoint is accessible without proper authentication, exposing device management functions. | ||
| CVE-2026-32662 | Med | 0.34 | 5.3 | 0.00 | Apr 3, 2026 | Development and test API endpoints are present that mirror production functionality. | ||
| CVE-2026-28767 | Med | 0.34 | 5.3 | 0.00 | Apr 3, 2026 | A specific administrative endpoint notifications is accessible without proper authentication. | ||
| CVE-2021-1582 | 0.00 | — | 0.01 | Aug 25, 2021 | A vulnerability in the web UI of Cisco Application Policy Infrastructure Controller (APIC) or Cisco Cloud APIC could allow an authenticated, remote attacker to perform a stored cross-site scripting attack on an affected system. This vulnerability is due to improper input… | |||
| CVE-2021-1581 | 0.00 | — | 0.01 | Aug 25, 2021 | Multiple vulnerabilities in the web UI and API endpoints of Cisco Application Policy Infrastructure Controller (APIC) or Cisco Cloud APIC could allow a remote attacker to perform a command injection or file upload attack on an affected system. For more information about these… | |||
| CVE-2021-1580 | 0.00 | — | 0.02 | Aug 25, 2021 | Multiple vulnerabilities in the web UI and API endpoints of Cisco Application Policy Infrastructure Controller (APIC) or Cisco Cloud APIC could allow a remote attacker to perform a command injection or file upload attack on an affected system. For more information about these… | |||
| CVE-2021-1578 | 0.00 | — | 0.02 | Aug 25, 2021 | A vulnerability in an API endpoint of Cisco Application Policy Infrastructure Controller (APIC) and Cisco Cloud Application Policy Infrastructure Controller (Cloud APIC) could allow an authenticated, remote attacker to elevate privileges to Administrator on an affected device.… |
- risk 0.60cvss 9.3epss 0.00
A specific endpoint exposes all user account information for registered Gardyn users without requiring authentication.
- risk 0.59cvss 9.1epss 0.00
A specific endpoint allows authenticated users to pivot to other user profiles by modifying the id number in the API call.
- risk 0.49cvss 7.5epss 0.00
A specific administrative endpoint is accessible without proper authentication, exposing device management functions.
- risk 0.34cvss 5.3epss 0.00
Development and test API endpoints are present that mirror production functionality.
- risk 0.34cvss 5.3epss 0.00
A specific administrative endpoint notifications is accessible without proper authentication.
- CVE-2021-1582Aug 25, 2021risk 0.00cvss —epss 0.01
A vulnerability in the web UI of Cisco Application Policy Infrastructure Controller (APIC) or Cisco Cloud APIC could allow an authenticated, remote attacker to perform a stored cross-site scripting attack on an affected system. This vulnerability is due to improper input…
- CVE-2021-1581Aug 25, 2021risk 0.00cvss —epss 0.01
Multiple vulnerabilities in the web UI and API endpoints of Cisco Application Policy Infrastructure Controller (APIC) or Cisco Cloud APIC could allow a remote attacker to perform a command injection or file upload attack on an affected system. For more information about these…
- CVE-2021-1580Aug 25, 2021risk 0.00cvss —epss 0.02
Multiple vulnerabilities in the web UI and API endpoints of Cisco Application Policy Infrastructure Controller (APIC) or Cisco Cloud APIC could allow a remote attacker to perform a command injection or file upload attack on an affected system. For more information about these…
- CVE-2021-1578Aug 25, 2021risk 0.00cvss —epss 0.02
A vulnerability in an API endpoint of Cisco Application Policy Infrastructure Controller (APIC) and Cisco Cloud Application Policy Infrastructure Controller (Cloud APIC) could allow an authenticated, remote attacker to elevate privileges to Administrator on an affected device.…