A critical vulnerability in the Cisco Elastic Services Controller could allow an unauthenticated, remote attacker to take full control of impacted systems – merely by sending a crafted request.
Cisco Elastic Services Controller is a virtual network functions manager, which enables businesses to automate the deployment and monitoring of functions running on their virtual machines. The authentication bypass vulnerability, CVE-2019-1867, has a CVSS score of 10 out of 10, making it a critical flaw.