How severe is CVE-2021-1578?

This vulnerability has a severity rating of HIGH with a CVSS score of 8.8 out of 10.

What type of vulnerability is CVE-2021-1578?

This is classified as CWE-636, which is a common weakness in software security.

CVE-2021-1578 - HIGH Severity | CVSS 8.8

Vulnerability Description

A vulnerability in an API endpoint of Cisco Application Policy Infrastructure Controller (APIC) and Cisco Cloud Application Policy Infrastructure Controller (Cloud APIC) could allow an authenticated, remote attacker to elevate privileges to Administrator on an affected device. This vulnerability is due to an improper policy default setting. An attacker could exploit this vulnerability by using a non-privileged credential for Cisco ACI Multi-Site Orchestrator (MSO) to send a specific API request to a managed Cisco APIC or Cloud APIC device. A successful exploit could allow the attacker to obtain Administrator credentials on the affected device.

Related Vulnerabilities

CVE-2024-43532

HIGH

CVSS:8.8(High)

Remote Registry Service Elevation of Privilege Vulnerability

CWE-6362024

CVE-2023-4030

HIGH

CVSS:7.8(High)

A vulnerability was reported in BIOS for ThinkPad P14s Gen 2, P15s Gen 2, T14 Gen 2, and T15 Gen 2 that could cause the system to recover to insecure settings if the BIOS becomes corrupt.

CWE-6362023

CVE-2024-8185

HIGH

CVSS:7.5(High)

Vault Community and Vault Enterprise (“Vault”) clusters using Vault’s Integrated Storage backend are vulnerable to a denial-of-service (DoS) attack through memory exhaustion through a Raft cluster joi...

CWE-6362024

CVE-2024-43532

HIGH

CVSS:8.8(High)

Remote Registry Service Elevation of Privilege Vulnerability

CWE-6362024

CVE-2023-4030

HIGH

CVSS:7.8(High)

A vulnerability was reported in BIOS for ThinkPad P14s Gen 2, P15s Gen 2, T14 Gen 2, and T15 Gen 2 that could cause the system to recover to insecure settings if the BIOS becomes corrupt.

CWE-6362023

CVE-2024-8185

HIGH

CVSS:7.5(High)

CWE-6362024