Description
A vulnerability in Cisco Elastic Services Controller (ESC) could allow an authenticated, remote attacker to view sensitive information. The vulnerability is due to insufficient protection of sensitive data. An attacker could exploit this vulnerability by authenticating to the application and navigating to certain configuration files. An exploit could allow the attacker to view sensitive system configuration files. Cisco Bug IDs: CSCvd29408. Known Affected Releases: 2.3(2).
Analysis
No analysis available yet.
Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).
| Vendor | Product | Default status | Versions | ||||||
|---|---|---|---|---|---|---|---|---|---|
| Cisco Systems, Inc. | Elastic Services Controller | affected |
|
No data.
No data available yet.
Remediation
No remediation available yet.
Tracking
Sign in to view the affected projects.
Advisories
| Source | ID | Title |
|---|---|---|
 EUVD |
EUVD-2017-15826 | A vulnerability in Cisco Elastic Services Controller (ESC) could allow an authenticated, remote attacker to view sensitive information. The vulnerability is due to insufficient protection of sensitive data. An attacker could exploit this vulnerability by authenticating to the application and navigating to certain configuration files. An exploit could allow the attacker to view sensitive system configuration files. Cisco Bug IDs: CSCvd29408. Known Affected Releases: 2.3(2). |
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: cisco
Published:
Updated: 2024-09-16T21:57:05.977Z
Reserved: 2017-03-09T00:00:00.000Z
Link: CVE-2017-6772
Vulnrichment
No data.
NVD
Status : Deferred
Published: 2017-08-17T20:29:00.497
Modified: 2025-04-20T01:37:25.860
Link: CVE-2017-6772
Redhat
No data.
OpenCVE Enrichment
No data.
Weaknesses