Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cisco elastic services controller vulnerabilities and exploits
(subscribe to this query)
9
CVSSv2
CVE-2017-6712
A vulnerability in certain commands of Cisco Elastic Services Controller could allow an authenticated, remote malicious user to elevate privileges to root and run dangerous commands on the server. The vulnerability occurs because a "tomcat" user on the system can run ce...
Cisco Elastic Services Controller 2.3.0
Cisco Elastic Services Controller 2.0
Cisco Elastic Services Controller 1.0.0
Cisco Elastic Services Controller 2.1.0
Cisco Elastic Services Controller 1.1.0
Cisco Elastic Services Controller 2.2.0
10
CVSSv2
CVE-2017-6713
A vulnerability in the Play Framework of Cisco Elastic Services Controller (ESC) could allow an unauthenticated, remote malicious user to gain full access to the affected system. The vulnerability is due to static, default credentials for the Cisco ESC UI that are shared between ...
Cisco Elastic Services Controller 2.0
Cisco Elastic Services Controller 1.1.0
Cisco Elastic Services Controller 2.2.0
Cisco Elastic Services Controller 1.0.0
Cisco Elastic Services Controller 2.3.0
Cisco Elastic Services Controller 2.1.0
4
CVSSv2
CVE-2017-6777
A vulnerability in the ConfD server of the Cisco Elastic Services Controller (ESC) could allow an authenticated, remote malicious user to acquire sensitive system information. The vulnerability is due to insufficient protection of sensitive files on the system. An attacker could ...
Cisco Elastic Services Controller 2.3\\(2\\)
Cisco Elastic Services Controller 2.3
4.3
CVSSv2
CVE-2017-6776
A vulnerability in the web framework of Cisco Elastic Services Controller (ESC) could allow an unauthenticated, remote malicious user to conduct a cross-site scripting (XSS) attack against a user of the web interface. The vulnerability is due to insufficient validation of user-su...
Cisco Elastic Services Controller 2.3\\(1\\)
Cisco Elastic Services Controller 2.2\\(9.76\\)
2.1
CVSSv2
CVE-2017-6693
A vulnerability in the ConfD server component of Cisco Elastic Services Controllers could allow an authenticated, local malicious user to access information stored in the file system of an affected system, aka Unauthorized Directory Access. More Information: CSCvd76286. Known Aff...
Cisco Elastic Services Controller 2.2\\(9.76\\)
Cisco Elastic Services Controller 2.3\\(1\\)
4.6
CVSSv2
CVE-2017-6786
A vulnerability in Cisco Elastic Services Controller could allow an authenticated, local, unprivileged malicious user to access sensitive information, including credentials for system accounts, on an affected system. The vulnerability is due to improper protection of sensitive lo...
Cisco Elastic Services Controller 2.2\\(9.76\\)
4
CVSSv2
CVE-2017-6772
A vulnerability in Cisco Elastic Services Controller (ESC) could allow an authenticated, remote malicious user to view sensitive information. The vulnerability is due to insufficient protection of sensitive data. An attacker could exploit this vulnerability by authenticating to t...
Cisco Elastic Services Controller 2.3\\(2\\)
2.1
CVSSv2
CVE-2018-0106
A vulnerability in the ConfD server of the Cisco Elastic Services Controller (ESC) could allow an unauthenticated, local malicious user to access sensitive information on a targeted system. The vulnerability is due to insufficient security restrictions. An attacker could exploit ...
Cisco Elastic Services Controller
9
CVSSv2
CVE-2017-6684
A vulnerability in Cisco Elastic Services Controllers could allow an authenticated, remote malicious user to log in to an affected system as the Linux admin user, aka an Insecure Default Credentials Vulnerability. More Information: CSCvc76651. Known Affected Releases: 21.0.0.
Cisco Elastic Services Controller 21.0.0
6.5
CVSSv2
CVE-2017-6682
A vulnerability in the ConfD CLI of Cisco Elastic Services Controllers could allow an authenticated, remote malicious user to run arbitrary commands as the Linux tomcat user on an affected system. More Information: CSCvc76620. Known Affected Releases: 2.2(9.76).
Cisco Elastic Services Controller 2.2\\(9.76\\)
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-52710
arbitrary
CVE-2024-5272
CVE-2024-2961
brute force
remote
CVE-2024-32944
CVE-2024-36241
CVE-2024-5274
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »