Cisco Application Policy Infrastructure Controller (APIC) is an automated infrastructure deployment and governance solution from Cisco. The API endpoint of the Controller contains an elevation of privilege vulnerability that can be exploited by an attacker with administrator read-only credentials to elevate privileges to an administrator with write access by sending a specific API request using an application with administrator write credentials.