CVE-2017-6684
A vulnerability in Cisco Elastic Services Controllers could allow an authenticated, remote attacker to log in to an affected system as the Linux admin user, aka an Insecure Default Credentials Vulnerability. More Information: CSCvc76651. Known Affected Releases: 21.0.0...
CVE-2017-6691
A vulnerability in the ConfD CLI of Cisco Elastic Services Controllers could allow an authenticated, remote attacker to access sensitive information on an affected system. More Information: CSCvd29403. Known Affected Releases: 2.32...
CVE-2017-6684
Cisco Elastic Services Controller (ESC) contains an insecure default credentials vulnerability. An authenticated attacker could log in as the Linux admin user due to a default, weak, hard-coded password. Affected release: 21.0.0. The Cisco advisory notes there are no workarounds; it does not spec...
CVE-2017-6697
A vulnerability in the web interface of Cisco Elastic Services Controllers could allow an authenticated, remote attacker to access sensitive system credentials that are stored in an affected system. More Information: CSCvd76339. Known Affected Releases: 2.29.76...
CVE-2017-6682
CVE-2017-6682 affects Cisco Elastic Services Controller (ESC) where the ConfD CLI allows an authenticated, remote attacker to run arbitrary commands as the Linux tomcat user due to insufficient sanitization of allowed ConfD CLI commands. Affected release noted: 2.2(9.76). The issue enables comman...
CVE-2017-6689
CVE-2017-6689 is a Cisco Elastic Services Controller vulnerability affecting the ConfD CLI, caused by a default, hard-coded admin password. An authenticated remote attacker could log in as admin (SSH port 2024) on affected systems. Known affected release: 2.2(9.76). Cisco advisory notes there are...
CVE-2017-6696
A vulnerability in the file system of Cisco Elastic Services Controllers could allow an authenticated, local attacker to gain access to sensitive user credentials that are stored in an affected system. More Information: CSCvd73677. Known Affected Releases: 2.32...
CVE-2017-6696
Cisco Elastic Services Controller (ESC) contains an information-disclosure vulnerability in its file-system credential repository. An authenticated, local attacker could access sensitive user credentials stored on an affected system due to insufficient access control over the credential repositor...
[SECURITY] Fedora 26 Update: dolphin-emu-5.0-14.fc26
Dolphin is a Gamecube, Wii and Triforce (the arcade machine based on the Gamecube) emulator, which supports full HD video with several enhancements such as compatibility with all PC controllers, turbo speed, networked multiplayer, and more. Most games run perfectly or with minor bugs...
Cisco Elastic Services Controller Web Interface System Credentials Information Disclosure Vulnerability
A vulnerability in the web interface of Cisco Elastic Services Controllers could allow an authenticated, remote attacker to access sensitive credentials that are stored in an affected system. The vulnerability exists because the affected software does not sufficiently control access to the...
Cisco Elastic Services Controller Arbitrary Command Execution Vulnerability
A vulnerability in the ConfD CLI of Cisco Elastic Services Controllers could allow an authenticated, remote attacker to run arbitrary commands as the Linux tomcat user on an affected system. The vulnerability is due to insufficient sanitization of commands that are permitted to run from the ConfD...
Cisco Elastic Services Controller Insecure Default Administrator Credentials Vulnerability
A vulnerability in the ConfD CLI of Cisco Elastic Services Controllers could allow an authenticated, remote attacker to log in to an affected system as the admin user. The vulnerability is due to the existence of a default, weak, hard-coded password for the admin user of an affected system. An...
Cisco Elastic Services Controller Unauthorized Directory Access Vulnerability
A vulnerability in the ConfD server component of Cisco Elastic Services Controllers could allow an authenticated, local attacker to access information stored in the file system of an affected system. The vulnerability exists because the affected component does not sufficiently protect files that...
Cisco Elastic Services Controller Insecure Default Credentials Vulnerability
A vulnerability in Cisco Elastic Services Controllers could allow an authenticated, remote attacker to log in to an affected system as the Linux admin user. The vulnerability is due to the existence of a default, weak, hard-coded password for the Linux admin user of an affected system. A successf...
Cisco Elastic Services Controller Information Disclosure Vulnerability
A vulnerability in the ConfD CLI of Cisco Elastic Services Controllers could allow an authenticated, remote attacker to access sensitive information on an affected system. The vulnerability is due to improper permissions that are set for certain files by the affected service. An attacker could...
Cisco Elastic Services Controller User Credentials Information Disclosure Vulnerability
A vulnerability in the file system of Cisco Elastic Services Controllers could allow an authenticated, local attacker to gain access to sensitive credentials that are stored in an affected system. The vulnerability exists because the affected software does not sufficiently control access to the...
Power Managed Server VDA's does not receive shutdown request
Randomly, some of the Power Managed Server VDAs receive a shutdown request approximately 20 mins after the scheduled reboot and do not power on automatically and remain Turned Off. Scout logs detect the following: Some Power Actions are marked as failures by Broker possibly because VDAs are not...
Information Disclosure Vulnerability in Multiple Rockwell Automation Products
Rockwell Automation Allen-Bradley MicroLogix 1100 1763-L16AWA Series A and others are programmable logic controller (PLC) products from Rockwell Automation. An information disclosure vulnerability exists in multiple Rockwell Automation products. An attacker could exploit this vulnerability to recov...
Unspecified Vulnerability in Multiple Rockwell Automation Products (CNVD-2017-08713)
Rockwell Automation Allen-Bradley MicroLogix 1100 1763-L16AWA Series A and others are programmable logic controller (PLC) products from Rockwell Automation. A security vulnerability exists in several Rockwell Automation products. An attacker could exploit the vulnerability to capture and respond to...
Multiple File Upload and Arbitrary Code Execution Vulnerabilities in FineCMS
FineCMS is a content management system (CMS) developed using MVC architecture and PDO database interface. FineCMS has multiple file upload and arbitrary code execution vulnerabilities. finecms\dayrui\controllers\member\Api.php in the downfile and swfupload functions of the file upload vulnerability...