A vulnerability in the REST API of Cisco Elastic Services Controller (ESC) could allow an unauthenticated, remote attacker to bypass authentication on the REST API. The vulnerability is due to improper validation of API requests. An attacker could exploit this vulnerability by sending a crafted request to the REST API. A successful exploit could allow the attacker to execute arbitrary actions through the REST API with administrative privileges on an affected system.
oryginał ENCVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:HCisco Elastic Services Controller
APPCisco4.1 – 4.5 (bez)
Powiązane podatności
A vulnerability in the authentication functionality of the web-based service portal of Cisco Elastic Services ...
A vulnerability in the Play Framework of Cisco Elastic Services Controller (ESC) could allow an unauthenticate...
A vulnerability in certain commands of Cisco Elastic Services Controller could allow an authenticated, remote ...
A vulnerability in Cisco Elastic Services Controllers could allow an authenticated, remote attacker to log in ...
A vulnerability in the ConfD CLI of Cisco Elastic Services Controllers could allow an authenticated, remote at...