CVE-2025-20119
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H
Summary
A vulnerability in the system file permission handling of Cisco APIC could allow an authenticated, local attacker to overwrite critical system files, which could cause a DoS condition. To exploit this vulnerability, the attacker must have valid administrative credentials.
This vulnerability is due to a race condition with handling system files. An attacker could exploit this vulnerability by doing specific operations on the file system. A successful exploit could allow the attacker to overwrite system files, which could lead to the device being in an inconsistent state and cause a DoS condition.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Cisco | Cisco Application Policy Infrastructure Controller (APIC) | 3.2(8d) | affected |
| Cisco | Cisco Application Policy Infrastructure Controller (APIC) | 3.2(1m) | affected |
| Cisco | Cisco Application Policy Infrastructure Controller (APIC) | 3.2(5e) | affected |
| Cisco | Cisco Application Policy Infrastructure Controller (APIC) | 4.1(2m) | affected |
| Cisco | Cisco Application Policy Infrastructure Controller (APIC) | 3.2(41d) | affected |
| Cisco | Cisco Application Policy Infrastructure Controller (APIC) | 3.2(3s) | affected |
| Cisco | Cisco Application Policy Infrastructure Controller (APIC) | 4.0(3c) | affected |
| Cisco | Cisco Application Policy Infrastructure Controller (APIC) | 4.1(1k) | affected |
| Cisco | Cisco Application Policy Infrastructure Controller (APIC) | 3.2(4d) | affected |
| Cisco | Cisco Application Policy Infrastructure Controller (APIC) | 4.2(2e) | affected |
| Cisco | Cisco Application Policy Infrastructure Controller (APIC) | 4.2(3j) | affected |
| Cisco | Cisco Application Policy Infrastructure Controller (APIC) | 4.2(3n) | affected |
| Cisco | Cisco Application Policy Infrastructure Controller (APIC) | 4.0(1h) | affected |
| Cisco | Cisco Application Policy Infrastructure Controller (APIC) | 4.1(1l) | affected |
| Cisco | Cisco Application Policy Infrastructure Controller (APIC) | 3.2(9f) | affected |
| Cisco | Cisco Application Policy Infrastructure Controller (APIC) | 4.2(3l) | affected |
| Cisco | Cisco Application Policy Infrastructure Controller (APIC) | 4.2(2g) | affected |
| Cisco | Cisco Application Policy Infrastructure Controller (APIC) | 3.2(7k) | affected |
| Cisco | Cisco Application Policy Infrastructure Controller (APIC) | 3.2(9b) | affected |
| Cisco | Cisco Application Policy Infrastructure Controller (APIC) | 3.2(3j) | affected |
| Cisco | Cisco Application Policy Infrastructure Controller (APIC) | 4.1(2u) | affected |
| Cisco | Cisco Application Policy Infrastructure Controller (APIC) | 4.2(1l) | affected |
| Cisco | Cisco Application Policy Infrastructure Controller (APIC) | 4.1(1a) | affected |
| Cisco | Cisco Application Policy Infrastructure Controller (APIC) | 4.0(3d) | affected |
| Cisco | Cisco Application Policy Infrastructure Controller (APIC) | 3.2(4e) | affected |
| Cisco | Cisco Application Policy Infrastructure Controller (APIC) | 4.1(1i) | affected |
| Cisco | Cisco Application Policy Infrastructure Controller (APIC) | 3.2(5f) | affected |
| Cisco | Cisco Application Policy Infrastructure Controller (APIC) | 3.2(1l) | affected |
| Cisco | Cisco Application Policy Infrastructure Controller (APIC) | 4.2(1i) | affected |
| Cisco | Cisco Application Policy Infrastructure Controller (APIC) | 4.1(2o) | affected |
| Cisco | Cisco Application Policy Infrastructure Controller (APIC) | 4.2(1g) | affected |
| Cisco | Cisco Application Policy Infrastructure Controller (APIC) | 4.1(2g) | affected |
| Cisco | Cisco Application Policy Infrastructure Controller (APIC) | 4.2(2f) | affected |
| Cisco | Cisco Application Policy Infrastructure Controller (APIC) | 3.2(6i) | affected |
| Cisco | Cisco Application Policy Infrastructure Controller (APIC) | 3.2(3i) | affected |
| Cisco | Cisco Application Policy Infrastructure Controller (APIC) | 3.2(3n) | affected |
| Cisco | Cisco Application Policy Infrastructure Controller (APIC) | 4.1(2x) | affected |
| Cisco | Cisco Application Policy Infrastructure Controller (APIC) | 3.2(5d) | affected |
| Cisco | Cisco Application Policy Infrastructure Controller (APIC) | 4.2(3q) | affected |
| Cisco | Cisco Application Policy Infrastructure Controller (APIC) | 4.1(1j) | affected |
| Cisco | Cisco Application Policy Infrastructure Controller (APIC) | 4.1(2w) | affected |
| Cisco | Cisco Application Policy Infrastructure Controller (APIC) | 3.2(2o) | affected |
| Cisco | Cisco Application Policy Infrastructure Controller (APIC) | 3.2(3r) | affected |
| Cisco | Cisco Application Policy Infrastructure Controller (APIC) | 4.0(2c) | affected |
| Cisco | Cisco Application Policy Infrastructure Controller (APIC) | 4.1(2s) | affected |
| Cisco | Cisco Application Policy Infrastructure Controller (APIC) | 3.2(7f) | affected |
| Cisco | Cisco Application Policy Infrastructure Controller (APIC) | 3.2(3o) | affected |
| Cisco | Cisco Application Policy Infrastructure Controller (APIC) | 3.2(2l) | affected |
| Cisco | Cisco Application Policy Infrastructure Controller (APIC) | 4.2(1j) | affected |
| Cisco | Cisco Application Policy Infrastructure Controller (APIC) | 4.2(4i) | affected |
| Cisco | Cisco Application Policy Infrastructure Controller (APIC) | 3.2(9h) | affected |
| Cisco | Cisco Application Policy Infrastructure Controller (APIC) | 5.0(1k) | affected |
| Cisco | Cisco Application Policy Infrastructure Controller (APIC) | 4.2(4k) | affected |
| Cisco | Cisco Application Policy Infrastructure Controller (APIC) | 5.0(1l) | affected |
| Cisco | Cisco Application Policy Infrastructure Controller (APIC) | 5.0(2e) | affected |
| Cisco | Cisco Application Policy Infrastructure Controller (APIC) | 4.2(4o) | affected |
| Cisco | Cisco Application Policy Infrastructure Controller (APIC) | 4.2(4p) | affected |
| Cisco | Cisco Application Policy Infrastructure Controller (APIC) | 5.0(2h) | affected |
| Cisco | Cisco Application Policy Infrastructure Controller (APIC) | 4.2(5k) | affected |
| Cisco | Cisco Application Policy Infrastructure Controller (APIC) | 4.2(5l) | affected |
| Cisco | Cisco Application Policy Infrastructure Controller (APIC) | 4.2(5n) | affected |
| Cisco | Cisco Application Policy Infrastructure Controller (APIC) | 5.1(1h) | affected |
| Cisco | Cisco Application Policy Infrastructure Controller (APIC) | 4.2(6d) | affected |
| Cisco | Cisco Application Policy Infrastructure Controller (APIC) | 5.1(2e) | affected |
| Cisco | Cisco Application Policy Infrastructure Controller (APIC) | 4.2(6g) | affected |
| Cisco | Cisco Application Policy Infrastructure Controller (APIC) | 4.2(6h) | affected |
| Cisco | Cisco Application Policy Infrastructure Controller (APIC) | 5.1(3e) | affected |
| Cisco | Cisco Application Policy Infrastructure Controller (APIC) | 3.2(10e) | affected |
| Cisco | Cisco Application Policy Infrastructure Controller (APIC) | 4.2(6l) | affected |
| Cisco | Cisco Application Policy Infrastructure Controller (APIC) | 4.2(7f) | affected |
| Cisco | Cisco Application Policy Infrastructure Controller (APIC) | 5.1(4c) | affected |
| Cisco | Cisco Application Policy Infrastructure Controller (APIC) | 4.2(6o) | affected |
| Cisco | Cisco Application Policy Infrastructure Controller (APIC) | 5.2(1g) | affected |
| Cisco | Cisco Application Policy Infrastructure Controller (APIC) | 5.2(2e) | affected |
| Cisco | Cisco Application Policy Infrastructure Controller (APIC) | 4.2(7l) | affected |
| Cisco | Cisco Application Policy Infrastructure Controller (APIC) | 3.2(10f) | affected |
| Cisco | Cisco Application Policy Infrastructure Controller (APIC) | 5.2(2f) | affected |
| Cisco | Cisco Application Policy Infrastructure Controller (APIC) | 5.2(2g) | affected |
| Cisco | Cisco Application Policy Infrastructure Controller (APIC) | 4.2(7q) | affected |
| Cisco | Cisco Application Policy Infrastructure Controller (APIC) | 5.2(2h) | affected |
| Cisco | Cisco Application Policy Infrastructure Controller (APIC) | 5.2(3f) | affected |
| Cisco | Cisco Application Policy Infrastructure Controller (APIC) | 5.2(3e) | affected |
| Cisco | Cisco Application Policy Infrastructure Controller (APIC) | 5.2(3g) | affected |
| Cisco | Cisco Application Policy Infrastructure Controller (APIC) | 4.2(7r) | affected |
| Cisco | Cisco Application Policy Infrastructure Controller (APIC) | 4.2(7s) | affected |
| Cisco | Cisco Application Policy Infrastructure Controller (APIC) | 5.2(4d) | affected |
| Cisco | Cisco Application Policy Infrastructure Controller (APIC) | 5.2(4e) | affected |
| Cisco | Cisco Application Policy Infrastructure Controller (APIC) | 4.2(7t) | affected |
| Cisco | Cisco Application Policy Infrastructure Controller (APIC) | 5.2(5d) | affected |
| Cisco | Cisco Application Policy Infrastructure Controller (APIC) | 3.2(10g) | affected |
| Cisco | Cisco Application Policy Infrastructure Controller (APIC) | 5.2(5c) | affected |
| Cisco | Cisco Application Policy Infrastructure Controller (APIC) | 6.0(1g) | affected |
| Cisco | Cisco Application Policy Infrastructure Controller (APIC) | 4.2(7u) | affected |
| Cisco | Cisco Application Policy Infrastructure Controller (APIC) | 5.2(5e) | affected |
| Cisco | Cisco Application Policy Infrastructure Controller (APIC) | 5.2(4f) | affected |
| Cisco | Cisco Application Policy Infrastructure Controller (APIC) | 5.2(6e) | affected |
| Cisco | Cisco Application Policy Infrastructure Controller (APIC) | 6.0(1j) | affected |
| Cisco | Cisco Application Policy Infrastructure Controller (APIC) | 5.2(6g) | affected |
| Cisco | Cisco Application Policy Infrastructure Controller (APIC) | 5.2(7f) | affected |
| Cisco | Cisco Application Policy Infrastructure Controller (APIC) | 4.2(7v) | affected |
| Cisco | Cisco Application Policy Infrastructure Controller (APIC) | 5.2(7g) | affected |
| Cisco | Cisco Application Policy Infrastructure Controller (APIC) | 6.0(2h) | affected |
| Cisco | Cisco Application Policy Infrastructure Controller (APIC) | 4.2(7w) | affected |
| Cisco | Cisco Application Policy Infrastructure Controller (APIC) | 5.2(6h) | affected |
| Cisco | Cisco Application Policy Infrastructure Controller (APIC) | 5.2(4h) | affected |
| Cisco | Cisco Application Policy Infrastructure Controller (APIC) | 5.2(8d) | affected |
| Cisco | Cisco Application Policy Infrastructure Controller (APIC) | 6.0(2j) | affected |
| Cisco | Cisco Application Policy Infrastructure Controller (APIC) | 5.2(8e) | affected |
| Cisco | Cisco Application Policy Infrastructure Controller (APIC) | 6.0(3d) | affected |
| Cisco | Cisco Application Policy Infrastructure Controller (APIC) | 6.0(3e) | affected |
| Cisco | Cisco Application Policy Infrastructure Controller (APIC) | 5.2(8f) | affected |
| Cisco | Cisco Application Policy Infrastructure Controller (APIC) | 5.2(8g) | affected |
| Cisco | Cisco Application Policy Infrastructure Controller (APIC) | 5.3(1d) | affected |
| Cisco | Cisco Application Policy Infrastructure Controller (APIC) | 5.2(8h) | affected |
| Cisco | Cisco Application Policy Infrastructure Controller (APIC) | 6.0(4c) | affected |
| Cisco | Cisco Application Policy Infrastructure Controller (APIC) | 5.3(2a) | affected |
| Cisco | Cisco Application Policy Infrastructure Controller (APIC) | 5.2(8i) | affected |
| Cisco | Cisco Application Policy Infrastructure Controller (APIC) | 6.0(5h) | affected |
| Cisco | Cisco Application Policy Infrastructure Controller (APIC) | 5.3(2b) | affected |
| Cisco | Cisco Application Policy Infrastructure Controller (APIC) | 6.0(3g) | affected |
| Cisco | Cisco Application Policy Infrastructure Controller (APIC) | 6.0(5j) | affected |
| Cisco | Cisco Application Policy Infrastructure Controller (APIC) | 5.3(2c) | affected |
| Cisco | Cisco Application Policy Infrastructure Controller (APIC) | 6.0(6c) | affected |
| Cisco | Cisco Application Policy Infrastructure Controller (APIC) | 6.1(1f) | affected |
| Cisco | Cisco Application Policy Infrastructure Controller (APIC) | 6.0(7e) | affected |
| Cisco | Cisco Application Policy Infrastructure Controller (APIC) | 5.3(2d) | affected |
| Cisco | Cisco Application Policy Infrastructure Controller (APIC) | 6.0(8d) | affected |
| Cisco | Cisco Application Policy Infrastructure Controller (APIC) | 5.3(2e) | affected |
Weaknesses
- CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.