Skip to main content

Virtual Managed Services

2 CVEs product

Monthly

CVE-2018-0130 CRITICAL Act Now

A vulnerability in the use of JSON web tokens by the web-based service portal of Cisco Elastic Services Controller Software could allow an unauthenticated, remote attacker to gain administrative. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Elastic Privilege Escalation Cisco Virtual Managed Services
NVD
CVSS 3.0
9.8
EPSS
1.9%
CVE-2018-0121 CRITICAL Act Now

A vulnerability in the authentication functionality of the web-based service portal of Cisco Elastic Services Controller Software could allow an unauthenticated, remote attacker to bypass. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Elastic Authentication Bypass Cisco Elastic Services Controller Virtual Managed Services
NVD
CVSS 3.0
9.8
EPSS
2.6%
EPSS 2% CVSS 9.8
CRITICAL Act Now

A vulnerability in the use of JSON web tokens by the web-based service portal of Cisco Elastic Services Controller Software could allow an unauthenticated, remote attacker to gain administrative. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Elastic Privilege Escalation Cisco +1
NVD
EPSS 3% CVSS 9.8
CRITICAL Act Now

A vulnerability in the authentication functionality of the web-based service portal of Cisco Elastic Services Controller Software could allow an unauthenticated, remote attacker to bypass. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Elastic Authentication Bypass Cisco +2
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy