Cisco Elastic_services_controller

19 CVEs affecting Cisco Elastic_services_controller. Latest disclosed: 2021-01-20. Critical: 3, High: 6.

Top CVEs affecting Cisco Elastic_services_controller
CVESeverityScorePublishedSummary
CVE-2019-1867Critical10.02019-05-10A vulnerability in the REST API of Cisco Elastic Services Controller (ESC) could allow an unauthenticated, remote attacker to bypass authentication on the REST…
CVE-2018-0121Critical9.82018-02-22A vulnerability in the authentication functionality of the web-based service portal of Cisco Elastic Services Controller Software could allow an unauthenticate…
CVE-2017-6713Critical9.82017-07-06A vulnerability in the Play Framework of Cisco Elastic Services Controller (ESC) could allow an unauthenticated, remote attacker to gain full access to the aff…
CVE-2017-6712High8.82017-07-06A vulnerability in certain commands of Cisco Elastic Services Controller could allow an authenticated, remote attacker to elevate privileges to root and run da…
CVE-2017-6689High8.82017-06-13A vulnerability in the ConfD CLI of Cisco Elastic Services Controllers could allow an authenticated, remote attacker to log in to an affected system as the adm…
CVE-2017-6688High8.82017-06-13A vulnerability in Cisco Elastic Services Controllers could allow an authenticated, remote attacker to log in to an affected system as the Linux root user, aka…
CVE-2017-6684High8.82017-06-13A vulnerability in Cisco Elastic Services Controllers could allow an authenticated, remote attacker to log in to an affected system as the Linux admin user, ak…
CVE-2017-6683High8.82017-06-13A vulnerability in the esc_listener.py script of Cisco Elastic Services Controllers could allow an authenticated, remote attacker to execute arbitrary commands…
CVE-2017-6682High8.82017-06-13A vulnerability in the ConfD CLI of Cisco Elastic Services Controllers could allow an authenticated, remote attacker to run arbitrary commands as the Linux tom…
CVE-2017-6697Medium6.52017-06-13A vulnerability in the web interface of Cisco Elastic Services Controllers could allow an authenticated, remote attacker to access sensitive system credentials…
CVE-2017-6691Medium6.52017-06-13A vulnerability in the ConfD CLI of Cisco Elastic Services Controllers could allow an authenticated, remote attacker to access sensitive information on an affe…
CVE-2017-6786Medium6.32017-08-17A vulnerability in Cisco Elastic Services Controller could allow an authenticated, local, unprivileged attacker to access sensitive information, including cred…
CVE-2017-6776Medium6.12017-08-17A vulnerability in the web framework of Cisco Elastic Services Controller (ESC) could allow an unauthenticated, remote attacker to conduct a cross-site scripti…
CVE-2017-6696Medium5.52017-06-13A vulnerability in the file system of Cisco Elastic Services Controllers could allow an authenticated, local attacker to gain access to sensitive user credenti…
CVE-2017-6693Medium5.52017-06-13A vulnerability in the ConfD server component of Cisco Elastic Services Controllers could allow an authenticated, local attacker to access information stored i…
CVE-2021-1312Medium5.32021-01-20A vulnerability in the system resource management of Cisco Elastic Services Controller (ESC) could allow an unauthenticated, remote attacker to cause a denial…
CVE-2017-6777Medium4.92017-08-17A vulnerability in the ConfD server of the Cisco Elastic Services Controller (ESC) could allow an authenticated, remote attacker to acquire sensitive system in…
CVE-2017-6772Medium4.32017-08-17A vulnerability in Cisco Elastic Services Controller (ESC) could allow an authenticated, remote attacker to view sensitive information. The vulnerability is du…
CVE-2018-0106Low3.32018-01-18A vulnerability in the ConfD server of the Cisco Elastic Services Controller (ESC) could allow an unauthenticated, local attacker to access sensitive informati…