Cisco

Elastic Services Controller

8 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2021-1312

  • EPSS 0.11%
  • Veröffentlicht 20.01.2021 20:15:17
  • Zuletzt bearbeitet 21.11.2024 05:44:04

A vulnerability in the system resource management of Cisco Elastic Services Controller (ESC) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) to the health monitor API on an affected device. The vulnerability is due ...

10

CVE-2019-1867

  • EPSS 21.79%
  • Veröffentlicht 10.05.2019 12:29:00
  • Zuletzt bearbeitet 21.11.2024 04:37:34

A vulnerability in the REST API of Cisco Elastic Services Controller (ESC) could allow an unauthenticated, remote attacker to bypass authentication on the REST API. The vulnerability is due to improper validation of API requests. An attacker could ex...

9.8

CVE-2018-0121

  • EPSS 6.34%
  • Veröffentlicht 22.02.2018 00:29:00
  • Zuletzt bearbeitet 21.11.2024 03:37:33

A vulnerability in the authentication functionality of the web-based service portal of Cisco Elastic Services Controller Software could allow an unauthenticated, remote attacker to bypass authentication and execute arbitrary actions with administrato...

3.3

CVE-2018-0106

  • EPSS 0.07%
  • Veröffentlicht 18.01.2018 06:29:01
  • Zuletzt bearbeitet 21.11.2024 03:37:31

A vulnerability in the ConfD server of the Cisco Elastic Services Controller (ESC) could allow an unauthenticated, local attacker to access sensitive information on a targeted system. The vulnerability is due to insufficient security restrictions. An...

4.9

CVE-2017-6777

  • EPSS 0.19%
  • Veröffentlicht 17.08.2017 20:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

A vulnerability in the ConfD server of the Cisco Elastic Services Controller (ESC) could allow an authenticated, remote attacker to acquire sensitive system information. The vulnerability is due to insufficient protection of sensitive files on the sy...

9

CVE-2017-6712

  • EPSS 0.79%
  • Veröffentlicht 06.07.2017 00:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

A vulnerability in certain commands of Cisco Elastic Services Controller could allow an authenticated, remote attacker to elevate privileges to root and run dangerous commands on the server. The vulnerability occurs because a "tomcat" user on the sys...

10

CVE-2017-6713

  • EPSS 1.74%
  • Veröffentlicht 06.07.2017 00:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

A vulnerability in the Play Framework of Cisco Elastic Services Controller (ESC) could allow an unauthenticated, remote attacker to gain full access to the affected system. The vulnerability is due to static, default credentials for the Cisco ESC UI ...

9

CVE-2017-6684

  • EPSS 0.99%
  • Veröffentlicht 13.06.2017 06:29:01
  • Zuletzt bearbeitet 20.04.2025 01:37:25

A vulnerability in Cisco Elastic Services Controllers could allow an authenticated, remote attacker to log in to an affected system as the Linux admin user, aka an Insecure Default Credentials Vulnerability. More Information: CSCvc76651. Known Affect...