Top
image credit: Prayitno / Flickr

Critical Flaw in Cisco Elastic Services Controller Allows Full System Takeover

May 8, 2019

Category:

A critical vulnerability in the Cisco Elastic Services Controller could allow an unauthenticated, remote attacker to take full control of impacted systems – merely by sending a crafted request.

Cisco Elastic Services Controller is a virtual network functions manager, which enables businesses to automate the deployment and monitoring of functions running on their virtual machines. The authentication bypass vulnerability, CVE-2019-1867, has a CVSS score of 10 out of 10, making it a critical flaw.

Read More on Threat Post