CVE-2017-12262
CVE-2017-12262 is a high-severity vulnerability in Cisco Application Policy Infrastructure Controller Enterprise Module with a CVSS 3.x base score of 8.8. It is not currently listed as actively exploited by CISA, and its EPSS exploit-prediction score is low. The underlying weakness is classified as CWE-665.
Key facts
- Severity: High (CVSS 3.x base score 8.8)
- CVSS v2: 5.8
- EPSS exploit prediction: 1% (52nd percentile)
- Actively exploited: Not listed in CISA KEV
- Weakness: CWE-665
- Affected product: Cisco Application Policy Infrastructure Controller Enterprise Module
- Published:
- Last modified:
Description
A vulnerability within the firewall configuration of the Cisco Application Policy Infrastructure Controller Enterprise Module (APIC-EM) could allow an unauthenticated, adjacent attacker to gain privileged access to services only available on the internal network of the device. The vulnerability is due to an incorrect firewall rule on the device. The misconfiguration could allow traffic sent to the public interface of the device to be forwarded to the internal virtual network of the APIC-EM. An attacker that is logically adjacent to the network on which the public interface of the affected APIC-EM resides could leverage this behavior to gain access to services listening on the internal network with elevated privileges. This vulnerability affects appliances or virtual devices running Cisco Application Policy Infrastructure Controller Enterprise Module prior to version 1.5. Cisco Bug IDs: CSCve89638.
Frequently asked questions
- What is CVE-2017-12262?
- A vulnerability within the firewall configuration of the Cisco Application Policy Infrastructure Controller Enterprise Module (APIC-EM) could allow an unauthenticated, adjacent attacker to gain privileged access to services only available on the internal network of the device. The vulnerability is due to an incorrect firewall rule on the device. The misconfiguration could allow traffic sent to the public interface of the device to be forwarded to the internal virtual network of the APIC-EM. An attacker that is logically adjacent to the network on which the public interface of the affected APIC-EM resides could leverage this behavior to gain access to services listening on the internal network with elevated privileges. This vulnerability affects appliances or virtual devices running Cisco Application Policy Infrastructure Controller Enterprise Module prior to version 1.5. Cisco Bug IDs: CSCve89638.
- How severe is CVE-2017-12262?
- CVE-2017-12262 has a CVSS 3.x base score of 8.8, rated high severity. It is exploitable over an adjacent network with low attack complexity, requires no privileges and no user interaction. Impact on confidentiality is high, integrity high, and availability high.
- Is CVE-2017-12262 being actively exploited?
- It is not currently listed in CISA's KEV catalog. Its EPSS exploit-prediction score is 1% (52nd percentile), an estimate of the probability of exploitation in the next 30 days.
- What products are affected by CVE-2017-12262?
- CVE-2017-12262 affects Cisco Application Policy Infrastructure Controller Enterprise Module. See the affected-products list for the exact vulnerable versions.
- How do I fix CVE-2017-12262?
- Review the linked vendor and NVD advisories for patched versions and mitigations, then upgrade or apply the recommended workaround. Given its high severity, prioritise patching exposed systems.
- When was CVE-2017-12262 published?
- CVE-2017-12262 was published on 2017-11-02 and last updated on 2026-06-17.
References
- http://www.securityfocus.com/bid/101647
- http://www.securitytracker.com/id/1039716
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171101-apicem
Affected products (1)
- cpe:2.3:a:cisco:application_policy_infrastructure_controller_enterprise_module:*:*:*:*:*:*:*:*
More vulnerabilities in Cisco Application Policy Infrastructure Controller Enterprise Module
- CVE-2018-0427 — High (CVSS 8.8): A vulnerability in the CronJob scheduler API of Cisco Digital Network Architecture (DNA) Center could allow an…
- CVE-2016-1365 — High (CVSS 8.8): The Grapevine update process in Cisco Application Policy Infrastructure Controller Enterprise Module (APIC-EM) 1.0…
- CVE-2018-0368 — High (CVSS 7.8): A vulnerability in Cisco Digital Network Architecture (DNA) Center could allow an authenticated, local attacker to…
- CVE-2016-1386 — High (CVSS 7.5): The API in Cisco Application Policy Infrastructure Controller Enterprise Module (APIC-EM) 1.0(1) allows remote…
- CVE-2016-1318 — Medium (CVSS 6.1): Cross-site scripting (XSS) vulnerability in Cisco Application Policy Infrastructure Controller Enterprise Module…
- CVE-2016-1305 — Medium (CVSS 6.1): Cross-site scripting (XSS) vulnerability in Cisco Application Policy Infrastructure Controller Enterprise Module…
All CVEs affecting Cisco Application Policy Infrastructure Controller Enterprise Module →
Other CWE-665 (Improper Initialization) vulnerabilities
- CVE-2021-33635 — Critical (CVSS 9.8): When malicious images are pulled by isula pull, attackers can execute arbitrary code.
- CVE-2022-37128 — Critical (CVSS 9.8): In D-Link DIR-816 A2_v1.10CNB04.img the network can be initialized without authentication via /goform/wizard_end.
- CVE-2021-41264 — Critical (CVSS 9.8): OpenZeppelin Contracts is a library for smart contract development. In affected versions upgradeable contracts using…
- CVE-2019-10196 — Critical (CVSS 9.8): A flaw was found in http-proxy-agent, prior to version 2.1.0. It was discovered http-proxy-agent passes an auth option…
- CVE-2015-8367 — Critical (CVSS 9.8): The phase_one_correct function in Libraw before 0.17.1 allows attackers to cause memory errors and possibly execute…
- CVE-2019-14271 — Critical (CVSS 9.8): In Docker 19.03.x before 19.03.1 linked against the GNU C Library (aka glibc), code injection can occur when the…
Browse all CWE-665 (Improper Initialization) vulnerabilities →