A vulnerability in the software upgrade component of Cisco Application Policy Infrastructure Controller (APIC) and Cisco Cloud Network Controller, formerly Cisco Cloud APIC, could allow an authenticated, remote attacker with Administrator-level privileges to install a modified software image, leading to arbitrary code injection on an affected system.
This vulnerability is due to insufficient signature validation of software images. An attacker could exploit this vulnerability by installing a modified software image. A successful exploit could allow the attacker to execute arbitrary code on the affected system and elevate their privileges to root. Note: Administrators should always validate the hash of any upgrade image before uploading it to Cisco APIC and Cisco Cloud Network Controller.
The product performs an operation at a privilege level that is higher than the minimum level required, which creates new weaknesses or amplifies the consequences of other weaknesses.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Application_policy_infrastructure_controller | Cisco | 1.1(1d) (including) | 1.1(1d) (including) |
| Application_policy_infrastructure_controller | Cisco | 1.1(1j) (including) | 1.1(1j) (including) |
| Application_policy_infrastructure_controller | Cisco | 1.1(1n) (including) | 1.1(1n) (including) |
| Application_policy_infrastructure_controller | Cisco | 1.1(1o) (including) | 1.1(1o) (including) |
| Application_policy_infrastructure_controller | Cisco | 1.1(1r) (including) | 1.1(1r) (including) |
| Application_policy_infrastructure_controller | Cisco | 1.1(1s) (including) | 1.1(1s) (including) |
| Application_policy_infrastructure_controller | Cisco | 1.1(2h) (including) | 1.1(2h) (including) |
| Application_policy_infrastructure_controller | Cisco | 1.1(2i) (including) | 1.1(2i) (including) |
| Application_policy_infrastructure_controller | Cisco | 1.1(3f) (including) | 1.1(3f) (including) |
| Application_policy_infrastructure_controller | Cisco | 1.1(4e) (including) | 1.1(4e) (including) |
| Application_policy_infrastructure_controller | Cisco | 1.1(4f) (including) | 1.1(4f) (including) |
| Application_policy_infrastructure_controller | Cisco | 1.1(4g) (including) | 1.1(4g) (including) |
| Application_policy_infrastructure_controller | Cisco | 1.1(4i) (including) | 1.1(4i) (including) |
| Application_policy_infrastructure_controller | Cisco | 1.1(4l) (including) | 1.1(4l) (including) |
| Application_policy_infrastructure_controller | Cisco | 1.1(4m) (including) | 1.1(4m) (including) |
| Application_policy_infrastructure_controller | Cisco | 1.2(1h) (including) | 1.2(1h) (including) |
| Application_policy_infrastructure_controller | Cisco | 1.2(1i) (including) | 1.2(1i) (including) |
| Application_policy_infrastructure_controller | Cisco | 1.2(1k) (including) | 1.2(1k) (including) |
| Application_policy_infrastructure_controller | Cisco | 1.2(1m) (including) | 1.2(1m) (including) |
| Application_policy_infrastructure_controller | Cisco | 1.2(2g) (including) | 1.2(2g) (including) |
| Application_policy_infrastructure_controller | Cisco | 1.2(2h) (including) | 1.2(2h) (including) |
| Application_policy_infrastructure_controller | Cisco | 1.2(2i) (including) | 1.2(2i) (including) |
| Application_policy_infrastructure_controller | Cisco | 1.2(2j) (including) | 1.2(2j) (including) |
| Application_policy_infrastructure_controller | Cisco | 1.2(3c) (including) | 1.2(3c) (including) |
| Application_policy_infrastructure_controller | Cisco | 1.2(3e) (including) | 1.2(3e) (including) |
| Application_policy_infrastructure_controller | Cisco | 1.2(3h) (including) | 1.2(3h) (including) |
| Application_policy_infrastructure_controller | Cisco | 1.2(3m) (including) | 1.2(3m) (including) |
| Application_policy_infrastructure_controller | Cisco | 1.3(1g) (including) | 1.3(1g) (including) |
| Application_policy_infrastructure_controller | Cisco | 1.3(1h) (including) | 1.3(1h) (including) |
| Application_policy_infrastructure_controller | Cisco | 1.3(1i) (including) | 1.3(1i) (including) |
| Application_policy_infrastructure_controller | Cisco | 1.3(1j) (including) | 1.3(1j) (including) |
| Application_policy_infrastructure_controller | Cisco | 1.3(2f) (including) | 1.3(2f) (including) |
| Application_policy_infrastructure_controller | Cisco | 1.3(2h) (including) | 1.3(2h) (including) |
| Application_policy_infrastructure_controller | Cisco | 1.3(2i) (including) | 1.3(2i) (including) |
| Application_policy_infrastructure_controller | Cisco | 1.3(2j) (including) | 1.3(2j) (including) |
| Application_policy_infrastructure_controller | Cisco | 1.3(2k) (including) | 1.3(2k) (including) |
| Application_policy_infrastructure_controller | Cisco | 2.0(1k) (including) | 2.0(1k) (including) |
| Application_policy_infrastructure_controller | Cisco | 2.0(1l) (including) | 2.0(1l) (including) |
| Application_policy_infrastructure_controller | Cisco | 2.0(1m) (including) | 2.0(1m) (including) |
| Application_policy_infrastructure_controller | Cisco | 2.0(1n) (including) | 2.0(1n) (including) |
| Application_policy_infrastructure_controller | Cisco | 2.0(1o) (including) | 2.0(1o) (including) |
| Application_policy_infrastructure_controller | Cisco | 2.0(1p) (including) | 2.0(1p) (including) |
| Application_policy_infrastructure_controller | Cisco | 2.0(1q) (including) | 2.0(1q) (including) |
| Application_policy_infrastructure_controller | Cisco | 2.0(1r) (including) | 2.0(1r) (including) |
| Application_policy_infrastructure_controller | Cisco | 2.0(2f) (including) | 2.0(2f) (including) |
| Application_policy_infrastructure_controller | Cisco | 2.0(2g) (including) | 2.0(2g) (including) |
| Application_policy_infrastructure_controller | Cisco | 2.0(2h) (including) | 2.0(2h) (including) |
| Application_policy_infrastructure_controller | Cisco | 2.0(2l) (including) | 2.0(2l) (including) |
| Application_policy_infrastructure_controller | Cisco | 2.0(2m) (including) | 2.0(2m) (including) |
| Application_policy_infrastructure_controller | Cisco | 2.0(2n) (including) | 2.0(2n) (including) |
| Application_policy_infrastructure_controller | Cisco | 2.0(2o) (including) | 2.0(2o) (including) |
| Application_policy_infrastructure_controller | Cisco | 2.1(1h) (including) | 2.1(1h) (including) |
| Application_policy_infrastructure_controller | Cisco | 2.1(1i) (including) | 2.1(1i) (including) |
| Application_policy_infrastructure_controller | Cisco | 2.1(2e) (including) | 2.1(2e) (including) |
| Application_policy_infrastructure_controller | Cisco | 2.1(2f) (including) | 2.1(2f) (including) |
| Application_policy_infrastructure_controller | Cisco | 2.1(2g) (including) | 2.1(2g) (including) |
| Application_policy_infrastructure_controller | Cisco | 2.1(2k) (including) | 2.1(2k) (including) |
| Application_policy_infrastructure_controller | Cisco | 2.1(3g) (including) | 2.1(3g) (including) |
| Application_policy_infrastructure_controller | Cisco | 2.1(3h) (including) | 2.1(3h) (including) |
| Application_policy_infrastructure_controller | Cisco | 2.1(3j) (including) | 2.1(3j) (including) |
| Application_policy_infrastructure_controller | Cisco | 2.1(4a) (including) | 2.1(4a) (including) |
| Application_policy_infrastructure_controller | Cisco | 2.2(1k) (including) | 2.2(1k) (including) |
| Application_policy_infrastructure_controller | Cisco | 2.2(1n) (including) | 2.2(1n) (including) |
| Application_policy_infrastructure_controller | Cisco | 2.2(1o) (including) | 2.2(1o) (including) |
| Application_policy_infrastructure_controller | Cisco | 2.2(2e) (including) | 2.2(2e) (including) |
| Application_policy_infrastructure_controller | Cisco | 2.2(2f) (including) | 2.2(2f) (including) |
| Application_policy_infrastructure_controller | Cisco | 2.2(2i) (including) | 2.2(2i) (including) |
| Application_policy_infrastructure_controller | Cisco | 2.2(2j) (including) | 2.2(2j) (including) |
| Application_policy_infrastructure_controller | Cisco | 2.2(2k) (including) | 2.2(2k) (including) |
| Application_policy_infrastructure_controller | Cisco | 2.2(2q) (including) | 2.2(2q) (including) |
| Application_policy_infrastructure_controller | Cisco | 2.2(3j) (including) | 2.2(3j) (including) |
| Application_policy_infrastructure_controller | Cisco | 2.2(3p) (including) | 2.2(3p) (including) |
| Application_policy_infrastructure_controller | Cisco | 2.2(3r) (including) | 2.2(3r) (including) |
| Application_policy_infrastructure_controller | Cisco | 2.2(3s) (including) | 2.2(3s) (including) |
| Application_policy_infrastructure_controller | Cisco | 2.2(3t) (including) | 2.2(3t) (including) |
| Application_policy_infrastructure_controller | Cisco | 2.2(4f) (including) | 2.2(4f) (including) |
| Application_policy_infrastructure_controller | Cisco | 2.2(4p) (including) | 2.2(4p) (including) |
| Application_policy_infrastructure_controller | Cisco | 2.2(4q) (including) | 2.2(4q) (including) |
| Application_policy_infrastructure_controller | Cisco | 2.2(4r) (including) | 2.2(4r) (including) |
| Application_policy_infrastructure_controller | Cisco | 2.3(1e) (including) | 2.3(1e) (including) |
| Application_policy_infrastructure_controller | Cisco | 2.3(1f) (including) | 2.3(1f) (including) |
| Application_policy_infrastructure_controller | Cisco | 2.3(1i) (including) | 2.3(1i) (including) |
| Application_policy_infrastructure_controller | Cisco | 2.3(1l) (including) | 2.3(1l) (including) |
| Application_policy_infrastructure_controller | Cisco | 2.3(1o) (including) | 2.3(1o) (including) |
| Application_policy_infrastructure_controller | Cisco | 2.3(1p) (including) | 2.3(1p) (including) |
| Application_policy_infrastructure_controller | Cisco | 3.0(1i) (including) | 3.0(1i) (including) |
| Application_policy_infrastructure_controller | Cisco | 3.0(1k) (including) | 3.0(1k) (including) |
| Application_policy_infrastructure_controller | Cisco | 3.0(2h) (including) | 3.0(2h) (including) |
| Application_policy_infrastructure_controller | Cisco | 3.0(2k) (including) | 3.0(2k) (including) |
| Application_policy_infrastructure_controller | Cisco | 3.0(2m) (including) | 3.0(2m) (including) |
| Application_policy_infrastructure_controller | Cisco | 3.0(2n) (including) | 3.0(2n) (including) |
| Application_policy_infrastructure_controller | Cisco | 3.1(1i) (including) | 3.1(1i) (including) |
| Application_policy_infrastructure_controller | Cisco | 3.1(2m) (including) | 3.1(2m) (including) |
| Application_policy_infrastructure_controller | Cisco | 3.1(2o) (including) | 3.1(2o) (including) |
| Application_policy_infrastructure_controller | Cisco | 3.1(2p) (including) | 3.1(2p) (including) |
| Application_policy_infrastructure_controller | Cisco | 3.1(2q) (including) | 3.1(2q) (including) |
| Application_policy_infrastructure_controller | Cisco | 3.1(2s) (including) | 3.1(2s) (including) |
| Application_policy_infrastructure_controller | Cisco | 3.1(2t) (including) | 3.1(2t) (including) |
| Application_policy_infrastructure_controller | Cisco | 3.1(2u) (including) | 3.1(2u) (including) |
| Application_policy_infrastructure_controller | Cisco | 3.1(2v) (including) | 3.1(2v) (including) |
| Application_policy_infrastructure_controller | Cisco | 3.2(1l) (including) | 3.2(1l) (including) |
| Application_policy_infrastructure_controller | Cisco | 3.2(1m) (including) | 3.2(1m) (including) |
| Application_policy_infrastructure_controller | Cisco | 3.2(2l) (including) | 3.2(2l) (including) |
| Application_policy_infrastructure_controller | Cisco | 3.2(2o) (including) | 3.2(2o) (including) |
| Application_policy_infrastructure_controller | Cisco | 3.2(3i) (including) | 3.2(3i) (including) |
| Application_policy_infrastructure_controller | Cisco | 3.2(3j) (including) | 3.2(3j) (including) |
| Application_policy_infrastructure_controller | Cisco | 3.2(3n) (including) | 3.2(3n) (including) |
| Application_policy_infrastructure_controller | Cisco | 3.2(3o) (including) | 3.2(3o) (including) |
| Application_policy_infrastructure_controller | Cisco | 3.2(3r) (including) | 3.2(3r) (including) |
| Application_policy_infrastructure_controller | Cisco | 3.2(3s) (including) | 3.2(3s) (including) |
| Application_policy_infrastructure_controller | Cisco | 3.2(4d) (including) | 3.2(4d) (including) |
| Application_policy_infrastructure_controller | Cisco | 3.2(4e) (including) | 3.2(4e) (including) |
| Application_policy_infrastructure_controller | Cisco | 3.2(5d) (including) | 3.2(5d) (including) |
| Application_policy_infrastructure_controller | Cisco | 3.2(5e) (including) | 3.2(5e) (including) |
| Application_policy_infrastructure_controller | Cisco | 3.2(5f) (including) | 3.2(5f) (including) |
| Application_policy_infrastructure_controller | Cisco | 3.2(6i) (including) | 3.2(6i) (including) |
| Application_policy_infrastructure_controller | Cisco | 3.2(7f) (including) | 3.2(7f) (including) |
| Application_policy_infrastructure_controller | Cisco | 3.2(7k) (including) | 3.2(7k) (including) |
| Application_policy_infrastructure_controller | Cisco | 3.2(8d) (including) | 3.2(8d) (including) |
| Application_policy_infrastructure_controller | Cisco | 3.2(9b) (including) | 3.2(9b) (including) |
| Application_policy_infrastructure_controller | Cisco | 3.2(9f) (including) | 3.2(9f) (including) |
| Application_policy_infrastructure_controller | Cisco | 3.2(9h) (including) | 3.2(9h) (including) |
| Application_policy_infrastructure_controller | Cisco | 3.2(10e) (including) | 3.2(10e) (including) |
| Application_policy_infrastructure_controller | Cisco | 3.2(10f) (including) | 3.2(10f) (including) |
| Application_policy_infrastructure_controller | Cisco | 3.2(10g) (including) | 3.2(10g) (including) |
| Application_policy_infrastructure_controller | Cisco | 3.2(41d) (including) | 3.2(41d) (including) |
| Application_policy_infrastructure_controller | Cisco | 4.0(1h) (including) | 4.0(1h) (including) |
| Application_policy_infrastructure_controller | Cisco | 4.0(2c) (including) | 4.0(2c) (including) |
| Application_policy_infrastructure_controller | Cisco | 4.0(3c) (including) | 4.0(3c) (including) |
| Application_policy_infrastructure_controller | Cisco | 4.0(3d) (including) | 4.0(3d) (including) |
| Application_policy_infrastructure_controller | Cisco | 4.1(1a) (including) | 4.1(1a) (including) |
| Application_policy_infrastructure_controller | Cisco | 4.1(1i) (including) | 4.1(1i) (including) |
| Application_policy_infrastructure_controller | Cisco | 4.1(1j) (including) | 4.1(1j) (including) |
| Application_policy_infrastructure_controller | Cisco | 4.1(1k) (including) | 4.1(1k) (including) |
| Application_policy_infrastructure_controller | Cisco | 4.1(1l) (including) | 4.1(1l) (including) |
| Application_policy_infrastructure_controller | Cisco | 4.1(2g) (including) | 4.1(2g) (including) |
| Application_policy_infrastructure_controller | Cisco | 4.1(2m) (including) | 4.1(2m) (including) |
| Application_policy_infrastructure_controller | Cisco | 4.1(2o) (including) | 4.1(2o) (including) |
| Application_policy_infrastructure_controller | Cisco | 4.1(2s) (including) | 4.1(2s) (including) |
| Application_policy_infrastructure_controller | Cisco | 4.1(2u) (including) | 4.1(2u) (including) |
| Application_policy_infrastructure_controller | Cisco | 4.1(2w) (including) | 4.1(2w) (including) |
| Application_policy_infrastructure_controller | Cisco | 4.1(2x) (including) | 4.1(2x) (including) |
| Application_policy_infrastructure_controller | Cisco | 4.2(1g) (including) | 4.2(1g) (including) |
| Application_policy_infrastructure_controller | Cisco | 4.2(1i) (including) | 4.2(1i) (including) |
| Application_policy_infrastructure_controller | Cisco | 4.2(1j) (including) | 4.2(1j) (including) |
| Application_policy_infrastructure_controller | Cisco | 4.2(1l) (including) | 4.2(1l) (including) |
| Application_policy_infrastructure_controller | Cisco | 4.2(2e) (including) | 4.2(2e) (including) |
| Application_policy_infrastructure_controller | Cisco | 4.2(2f) (including) | 4.2(2f) (including) |
| Application_policy_infrastructure_controller | Cisco | 4.2(2g) (including) | 4.2(2g) (including) |
| Application_policy_infrastructure_controller | Cisco | 4.2(3j) (including) | 4.2(3j) (including) |
| Application_policy_infrastructure_controller | Cisco | 4.2(3l) (including) | 4.2(3l) (including) |
| Application_policy_infrastructure_controller | Cisco | 4.2(3n) (including) | 4.2(3n) (including) |
| Application_policy_infrastructure_controller | Cisco | 4.2(3q) (including) | 4.2(3q) (including) |
| Application_policy_infrastructure_controller | Cisco | 4.2(4i) (including) | 4.2(4i) (including) |
| Application_policy_infrastructure_controller | Cisco | 4.2(4k) (including) | 4.2(4k) (including) |
| Application_policy_infrastructure_controller | Cisco | 4.2(4o) (including) | 4.2(4o) (including) |
| Application_policy_infrastructure_controller | Cisco | 4.2(4p) (including) | 4.2(4p) (including) |
| Application_policy_infrastructure_controller | Cisco | 4.2(5k) (including) | 4.2(5k) (including) |
| Application_policy_infrastructure_controller | Cisco | 4.2(5l) (including) | 4.2(5l) (including) |
| Application_policy_infrastructure_controller | Cisco | 4.2(5n) (including) | 4.2(5n) (including) |
| Application_policy_infrastructure_controller | Cisco | 4.2(6d) (including) | 4.2(6d) (including) |
| Application_policy_infrastructure_controller | Cisco | 4.2(6g) (including) | 4.2(6g) (including) |
| Application_policy_infrastructure_controller | Cisco | 4.2(6h) (including) | 4.2(6h) (including) |
| Application_policy_infrastructure_controller | Cisco | 4.2(6l) (including) | 4.2(6l) (including) |
| Application_policy_infrastructure_controller | Cisco | 4.2(6o) (including) | 4.2(6o) (including) |
| Application_policy_infrastructure_controller | Cisco | 4.2(7f) (including) | 4.2(7f) (including) |
| Application_policy_infrastructure_controller | Cisco | 4.2(7l) (including) | 4.2(7l) (including) |
| Application_policy_infrastructure_controller | Cisco | 4.2(7q) (including) | 4.2(7q) (including) |
| Application_policy_infrastructure_controller | Cisco | 4.2(7r) (including) | 4.2(7r) (including) |
| Application_policy_infrastructure_controller | Cisco | 4.2(7s) (including) | 4.2(7s) (including) |
| Application_policy_infrastructure_controller | Cisco | 4.2(7t) (including) | 4.2(7t) (including) |
| Application_policy_infrastructure_controller | Cisco | 4.2(7u) (including) | 4.2(7u) (including) |
| Application_policy_infrastructure_controller | Cisco | 4.2(7v) (including) | 4.2(7v) (including) |
| Application_policy_infrastructure_controller | Cisco | 4.2(7w) (including) | 4.2(7w) (including) |
| Application_policy_infrastructure_controller | Cisco | 5.0(1k) (including) | 5.0(1k) (including) |
| Application_policy_infrastructure_controller | Cisco | 5.0(1l) (including) | 5.0(1l) (including) |
| Application_policy_infrastructure_controller | Cisco | 5.0(2e) (including) | 5.0(2e) (including) |
| Application_policy_infrastructure_controller | Cisco | 5.0(2h) (including) | 5.0(2h) (including) |
| Application_policy_infrastructure_controller | Cisco | 5.1(1h) (including) | 5.1(1h) (including) |
| Application_policy_infrastructure_controller | Cisco | 5.1(2e) (including) | 5.1(2e) (including) |
| Application_policy_infrastructure_controller | Cisco | 5.1(3e) (including) | 5.1(3e) (including) |
| Application_policy_infrastructure_controller | Cisco | 5.1(4c) (including) | 5.1(4c) (including) |
| Application_policy_infrastructure_controller | Cisco | 5.2(1g) (including) | 5.2(1g) (including) |
| Application_policy_infrastructure_controller | Cisco | 5.2(2e) (including) | 5.2(2e) (including) |
| Application_policy_infrastructure_controller | Cisco | 5.2(2f) (including) | 5.2(2f) (including) |
| Application_policy_infrastructure_controller | Cisco | 5.2(2g) (including) | 5.2(2g) (including) |
| Application_policy_infrastructure_controller | Cisco | 5.2(2h) (including) | 5.2(2h) (including) |
| Application_policy_infrastructure_controller | Cisco | 5.2(3e) (including) | 5.2(3e) (including) |
| Application_policy_infrastructure_controller | Cisco | 5.2(3f) (including) | 5.2(3f) (including) |
| Application_policy_infrastructure_controller | Cisco | 5.2(3g) (including) | 5.2(3g) (including) |
| Application_policy_infrastructure_controller | Cisco | 5.2(4d) (including) | 5.2(4d) (including) |
| Application_policy_infrastructure_controller | Cisco | 5.2(4e) (including) | 5.2(4e) (including) |
| Application_policy_infrastructure_controller | Cisco | 5.2(4f) (including) | 5.2(4f) (including) |
| Application_policy_infrastructure_controller | Cisco | 5.2(4h) (including) | 5.2(4h) (including) |
| Application_policy_infrastructure_controller | Cisco | 5.2(5c) (including) | 5.2(5c) (including) |
| Application_policy_infrastructure_controller | Cisco | 5.2(5d) (including) | 5.2(5d) (including) |
| Application_policy_infrastructure_controller | Cisco | 5.2(5e) (including) | 5.2(5e) (including) |
| Application_policy_infrastructure_controller | Cisco | 5.2(6e) (including) | 5.2(6e) (including) |
| Application_policy_infrastructure_controller | Cisco | 5.2(6g) (including) | 5.2(6g) (including) |
| Application_policy_infrastructure_controller | Cisco | 5.2(6h) (including) | 5.2(6h) (including) |
| Application_policy_infrastructure_controller | Cisco | 5.2(7f) (including) | 5.2(7f) (including) |
| Application_policy_infrastructure_controller | Cisco | 5.2(7g) (including) | 5.2(7g) (including) |
| Application_policy_infrastructure_controller | Cisco | 5.2(8d) (including) | 5.2(8d) (including) |
| Application_policy_infrastructure_controller | Cisco | 5.2(8e) (including) | 5.2(8e) (including) |
| Application_policy_infrastructure_controller | Cisco | 5.2(8f) (including) | 5.2(8f) (including) |
| Application_policy_infrastructure_controller | Cisco | 5.2(8g) (including) | 5.2(8g) (including) |
| Application_policy_infrastructure_controller | Cisco | 5.2(8h) (including) | 5.2(8h) (including) |
| Application_policy_infrastructure_controller | Cisco | 5.2(8i) (including) | 5.2(8i) (including) |
| Application_policy_infrastructure_controller | Cisco | 5.3(1d) (including) | 5.3(1d) (including) |
| Application_policy_infrastructure_controller | Cisco | 5.3(2a) (including) | 5.3(2a) (including) |
| Application_policy_infrastructure_controller | Cisco | 5.3(2b) (including) | 5.3(2b) (including) |
| Application_policy_infrastructure_controller | Cisco | 5.3(2c) (including) | 5.3(2c) (including) |
| Application_policy_infrastructure_controller | Cisco | 6.0(1g) (including) | 6.0(1g) (including) |
| Application_policy_infrastructure_controller | Cisco | 6.0(1j) (including) | 6.0(1j) (including) |
| Application_policy_infrastructure_controller | Cisco | 6.0(2h) (including) | 6.0(2h) (including) |
| Application_policy_infrastructure_controller | Cisco | 6.0(2j) (including) | 6.0(2j) (including) |
| Application_policy_infrastructure_controller | Cisco | 6.0(3d) (including) | 6.0(3d) (including) |
| Application_policy_infrastructure_controller | Cisco | 6.0(3e) (including) | 6.0(3e) (including) |
| Application_policy_infrastructure_controller | Cisco | 6.0(3g) (including) | 6.0(3g) (including) |
| Application_policy_infrastructure_controller | Cisco | 6.0(4c) (including) | 6.0(4c) (including) |
| Application_policy_infrastructure_controller | Cisco | 6.0(5h) (including) | 6.0(5h) (including) |
| Application_policy_infrastructure_controller | Cisco | 6.0(5j) (including) | 6.0(5j) (including) |
New weaknesses can be exposed because running with extra privileges, such as root or Administrator, can disable the normal security checks being performed by the operating system or surrounding environment. Other pre-existing weaknesses can turn into security vulnerabilities if they occur while operating at raised privileges. Privilege management functions can behave in some less-than-obvious ways, and they have different quirks on different platforms. These inconsistencies are particularly pronounced if you are transitioning from one non-root user to another. Signal handlers and spawned processes run at the privilege of the owning process, so if a process is running as root when a signal fires or a sub-process is executed, the signal handler or sub-process will operate with root privileges.