virus logo Intrusion Prevention

Cisco.Elastic.Services.Controller.REST.API.Security.Bypass

description-logoDescription

This indicates an attack attempt to exploit an Authentication Bypass Vulnerability in Cisco Systems Elastic Services Controller.
A remote, unauthenticated attacker can exploit this vulnerability by sending a crafted HTTP request using HTTP Basic Authentication. Successful exploitation results in the bypassing of authentication functions, allowing the calling of all API functions which permits an attacker to perform all API functions such as deploying malicious VMs, and modifying user credentials, effectively allowing broad levels of remote code execution.

affected-products-logoAffected Products

Cisco Systems Elastic Services Controller 4.1
Cisco Systems Elastic Services Controller 4.2
Cisco Systems Elastic Services Controller 4.3
Cisco Systems Elastic Services Controller 4.4

Impact logoImpact

System Compromise: Remote attackers can gain control of vulnerable systems.

recomended-action-logoRecommended Actions

Apply the most recent upgrade or patch from the vendor.
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190507-esc-authbypass

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date Version Detail
2019-06-27 14.640 Default_action:pass:drop
2019-06-14 14.633
ID 48019
Created Jun 14, 2019
Updated Jun 26, 2019
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon
CVE ID CVE-2019-1867
Exploit Prediction Score 2.13%
Default Action drop
Active
Affected OS Other
Affected App Cisco