Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
CiscoElastic Services Controller2.2(9.76)

8 matches found

CVE
CVEadded 2017/08/17 8:29 p.m.49 views

CVE-2017-6776

A vulnerability in the web framework of Cisco Elastic Services Controller (ESC) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web interface. The vulnerability is due to insufficient validation of user-supplied input by the affec...

6.1CVSS6AI score0.00164EPSS
CVE
CVEadded 2017/08/17 8:29 p.m.46 views

CVE-2017-6786

A vulnerability in Cisco Elastic Services Controller could allow an authenticated, local, unprivileged attacker to access sensitive information, including credentials for system accounts, on an affected system. The vulnerability is due to improper protection of sensitive log files. An attacker coul...

6.3CVSS6.2AI score0.00066EPSS
CVE
CVEadded 2017/06/13 6:29 a.m.38 views

CVE-2017-6688

A vulnerability in Cisco Elastic Services Controllers could allow an authenticated, remote attacker to log in to an affected system as the Linux root user, aka an Insecure Default Password Vulnerability. More Information: CSCvc76631. Known Affected Releases: 2.2(9.76).

9CVSS8.4AI score0.00992EPSS
CVE
CVEadded 2017/06/13 6:29 a.m.36 views

CVE-2017-6697

A vulnerability in the web interface of Cisco Elastic Services Controllers could allow an authenticated, remote attacker to access sensitive system credentials that are stored in an affected system. More Information: CSCvd76339. Known Affected Releases: 2.2(9.76).

6.5CVSS6.4AI score0.00204EPSS
CVE
CVEadded 2017/06/13 6:29 a.m.35 views

CVE-2017-6682

A vulnerability in the ConfD CLI of Cisco Elastic Services Controllers could allow an authenticated, remote attacker to run arbitrary commands as the Linux tomcat user on an affected system. More Information: CSCvc76620. Known Affected Releases: 2.2(9.76).

8.8CVSS8.6AI score0.00951EPSS
CVE
CVEadded 2017/06/13 6:29 a.m.35 views

CVE-2017-6689

A vulnerability in the ConfD CLI of Cisco Elastic Services Controllers could allow an authenticated, remote attacker to log in to an affected system as the admin user, aka an Insecure Default Administrator Credentials Vulnerability. More Information: CSCvc76661. Known Affected Releases: 2.2(9.76).

8.8CVSS8.5AI score0.00767EPSS
CVE
CVEadded 2017/06/13 6:29 a.m.34 views

CVE-2017-6693

A vulnerability in the ConfD server component of Cisco Elastic Services Controllers could allow an authenticated, local attacker to access information stored in the file system of an affected system, aka Unauthorized Directory Access. More Information: CSCvd76286. Known Affected Releases: 2.2(9.76)...

5.5CVSS5.2AI score0.00057EPSS
CVE
CVEadded 2017/06/13 6:29 a.m.33 views

CVE-2017-6683

A vulnerability in the esc_listener.py script of Cisco Elastic Services Controllers could allow an authenticated, remote attacker to execute arbitrary commands as the tomcat user on an affected system, aka an Authentication Request Processing Arbitrary Command Execution Vulnerability. More Informat...

9CVSS9.1AI score0.12361EPSS