Elastic Services Controller Security Vulnerabilities and Issues — Elastic Services Controller CVE List

Lucene search

CiscoElastic Services Controller

4 matches found

CVE•added 2017/08/17 8:29 p.m.•49 views

CVE-2017-6776

A vulnerability in the web framework of Cisco Elastic Services Controller (ESC) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web interface. The vulnerability is due to insufficient validation of user-supplied input by the affec...

6.1CVSS6AI score0.00164EPSS

CVE•added 2017/08/17 8:29 p.m.•46 views

CVE-2017-6786

A vulnerability in Cisco Elastic Services Controller could allow an authenticated, local, unprivileged attacker to access sensitive information, including credentials for system accounts, on an affected system. The vulnerability is due to improper protection of sensitive log files. An attacker coul...

6.3CVSS6.2AI score0.00066EPSS

CVE•added 2017/06/13 6:29 a.m.•36 views

CVE-2017-6697

A vulnerability in the web interface of Cisco Elastic Services Controllers could allow an authenticated, remote attacker to access sensitive system credentials that are stored in an affected system. More Information: CSCvd76339. Known Affected Releases: 2.2(9.76).

6.5CVSS6.4AI score0.00204EPSS

CVE•added 2017/06/13 6:29 a.m.•34 views

CVE-2017-6691

A vulnerability in the ConfD CLI of Cisco Elastic Services Controllers could allow an authenticated, remote attacker to access sensitive information on an affected system. More Information: CSCvd29403. Known Affected Releases: 2.3(2).

6.5CVSS6.3AI score0.00213EPSS