5.5

Cisco APIC reloads unexpectedly due to invalid input

CVE-2026-20107
Summary

An authenticated, local attacker with CLI access can cause the APIC to reload, resulting in a denial of service. The reload is triggered by crafted commands entered at the CLI prompt, which the Object Model CLI component does not validate sufficiently. To reduce exposure, ensure that only authorized users have CLI access and monitor your APIC for unexpected restarts.

Original title
A vulnerability in the Object Model CLI component of Cisco Application Policy Infrastructure Controller (APIC) could allow an authenticated, local attacker to cause an affected device to reload une...
Original description
A vulnerability in the Object Model CLI component of Cisco Application Policy Infrastructure Controller (APIC) could allow an authenticated, local attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. To exploit this vulnerability, the attacker must have valid user credentials and any role that includes CLI access.

This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by issuing crafted commands at the CLI prompt. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition.
NVD CVSS 3.1 score: 5.5
Vulnerability type
CWE-1220
Published: 25 Feb 2026 · Updated: 12 Mar 2026 · First seen: 6 Mar 2026