2 matches found
CVE-2018-0130
CVE-2018-0130 affects Cisco Elastic Services Controller (ESC) Software Release 3.0.0. The issue arises from static default credentials used by the web-based service portal, allowing an unauthenticated, remote attacker to obtain an administrative session token and gain admin access. Exploitation i...
CVE-2018-0121
Cisco Elastic Services Controller Software Release 3.0.0 contains an authentication bypass in the web-based service portal. The issue arises from improper security restrictions in the portal, allowing an unauthenticated remote attacker to bypass authentication by submitting an empty password valu...