Cisco Elastic Services Controller — known CVE vulnerabilities
Every CVE whose affected-product data names Cisco Elastic Services Controller, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (19)
CVE-2019-1867 — CVSS 10.0 (critical): A vulnerability in the REST API of Cisco Elastic Services Controller (ESC) could allow an unauthenticated, remote attacker to bypass…
CVE-2018-0121 — CVSS 9.8 (critical): A vulnerability in the authentication functionality of the web-based service portal of Cisco Elastic Services Controller Software could…
CVE-2017-6713 — CVSS 9.8 (critical): A vulnerability in the Play Framework of Cisco Elastic Services Controller (ESC) could allow an unauthenticated, remote attacker to gain…
CVE-2017-6688 — CVSS 8.8 (high): A vulnerability in Cisco Elastic Services Controllers could allow an authenticated, remote attacker to log in to an affected system as the…
CVE-2017-6689 — CVSS 8.8 (high): A vulnerability in the ConfD CLI of Cisco Elastic Services Controllers could allow an authenticated, remote attacker to log in to an…
CVE-2017-6682 — CVSS 8.8 (high): A vulnerability in the ConfD CLI of Cisco Elastic Services Controllers could allow an authenticated, remote attacker to run arbitrary…
CVE-2017-6683 — CVSS 8.8 (high): A vulnerability in the esc_listener.py script of Cisco Elastic Services Controllers could allow an authenticated, remote attacker to…
CVE-2017-6684 — CVSS 8.8 (high): A vulnerability in Cisco Elastic Services Controllers could allow an authenticated, remote attacker to log in to an affected system as the…
CVE-2017-6712 — CVSS 8.8 (high): A vulnerability in certain commands of Cisco Elastic Services Controller could allow an authenticated, remote attacker to elevate…
CVE-2017-6691 — CVSS 6.5 (medium): A vulnerability in the ConfD CLI of Cisco Elastic Services Controllers could allow an authenticated, remote attacker to access sensitive…
CVE-2017-6697 — CVSS 6.5 (medium): A vulnerability in the web interface of Cisco Elastic Services Controllers could allow an authenticated, remote attacker to access…
CVE-2017-6786 — CVSS 6.3 (medium): A vulnerability in Cisco Elastic Services Controller could allow an authenticated, local, unprivileged attacker to access sensitive…
CVE-2017-6776 — CVSS 6.1 (medium): A vulnerability in the web framework of Cisco Elastic Services Controller (ESC) could allow an unauthenticated, remote attacker to conduct…
CVE-2017-6696 — CVSS 5.5 (medium): A vulnerability in the file system of Cisco Elastic Services Controllers could allow an authenticated, local attacker to gain access to…
CVE-2017-6693 — CVSS 5.5 (medium): A vulnerability in the ConfD server component of Cisco Elastic Services Controllers could allow an authenticated, local attacker to access…
CVE-2021-1312 — CVSS 5.3 (medium): A vulnerability in the system resource management of Cisco Elastic Services Controller (ESC) could allow an unauthenticated, remote…
CVE-2017-6777 — CVSS 4.9 (medium): A vulnerability in the ConfD server of the Cisco Elastic Services Controller (ESC) could allow an authenticated, remote attacker to acquire…
CVE-2017-6772 — CVSS 4.3 (medium): A vulnerability in Cisco Elastic Services Controller (ESC) could allow an authenticated, remote attacker to view sensitive information. The…
CVE-2018-0106 — CVSS 3.3 (low): A vulnerability in the ConfD server of the Cisco Elastic Services Controller (ESC) could allow an unauthenticated, local attacker to access…