Lucene search
CiscoCISCO-SA-20170816-ESC1HistoryAug 16, 2017 - 4:00 p.m.
Cisco Elastic Services Controller Configuration Files Information Disclosure Vulnerability
2017-08-1616:00:00
tools.cisco.com
14
EPSS
0.001
Percentile
31.2%
A vulnerability in Cisco Elastic Services Controller (ESC) could allow an authenticated, remote attacker to view sensitive information.
The vulnerability is due to insufficient protection of sensitive data. An attacker could exploit this vulnerability by authenticating to the application and navigating to certain configuration files. An exploit could allow the attacker to view sensitive system configuration files.
There are no workarounds that address this vulnerability.
This advisory is available at the following link:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170816-esc1 [“https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170816-esc1”]
Affected configurations
Node
ciscoelastic_services_controllerMatchany
ORciscoelastic_services_controllerMatchany
| Vendor | Product | Version | CPE |
|---|---|---|---|
| cisco | elastic_services_controller | any | cpe:2.3:a:cisco:elastic_services_controller:any:*:*:*:*:*:*:* |
Related
prion
prion
Information disclosure
2017-08-17 20:29:00
cvelist
cvelist
CVE-2017-6772
2017-08-17 20:00:00
cve
cve
CVE-2017-6772
2017-08-17 20:29:00
nvd
nvd
CVE-2017-6772
2017-08-17 20:29:00