Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Cisco Elastic Services Controller REST API Authentication Bypass Vulnerability
Vulnerability Description
A vulnerability in the REST API of Cisco Elastic Services Controller (ESC) could allow an unauthenticated, remote attacker to bypass authentication on the REST API. The vulnerability is due to improper validation of API requests. An attacker could exploit this vulnerability by sending a crafted request to the REST API. A successful exploit could allow the attacker to execute arbitrary actions through the REST API with administrative privileges on an affected system.
CVSS Information
N/A
Vulnerability Type
认证机制不恰当
Vulnerability Title
Cisco Elastic Services Controller 授权问题漏洞
Vulnerability Description
Cisco Elastic Services Controller(ESC)是美国思科(Cisco)公司的一套开源的用于管理虚拟资源的模块化系统。 Cisco ESC中的REST API存在授权问题漏洞,该漏洞源于程序没有正确验证请求。远程攻击者可通过向REST API发送特制的请求利用该漏洞以管理权限执行任意操作。以下产品及版本受到影响:Cisco ESC 4.1版本,4.2版本,4.3版本,4.4版本。
CVSS Information
N/A
Vulnerability Type
N/A