Cisco.Elastic.Services.Controller.REST.API.Security.Bypass
Description
This indicates an attack attempt to exploit an Authentication Bypass Vulnerability in Cisco Systems Elastic Services Controller.
A remote, unauthenticated attacker can exploit this vulnerability by sending a crafted HTTP request using HTTP Basic Authentication. Successful exploitation results in the bypassing of authentication functions, allowing the calling of all API functions which permits an attacker to perform all API functions such as deploying malicious VMs, and modifying user credentials, effectively allowing broad levels of remote code execution.
Affected Products
Cisco Systems Elastic Services Controller 4.1
Cisco Systems Elastic Services Controller 4.2
Cisco Systems Elastic Services Controller 4.3
Cisco Systems Elastic Services Controller 4.4
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Apply the most recent upgrade or patch from the vendor.
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190507-esc-authbypass
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |