Insecure Default Password Vulnerability in Cisco Elastic Services Controllers
CVE-2017-6688

8.8HIGH

Key Information:

Vendor: Cisco
Status: Cisco Elastic Services Controller
Vendor: CVE Published:; 13 June 2017

Summary

An insecure default password vulnerability present in Cisco Elastic Services Controllers may allow an authenticated remote attacker to gain unauthorized access, effectively enabling root-level access to the affected system. This vulnerability emphasizes the importance of changing default credentials to prevent unauthorized access and potential exploitation.

Affected Version(s)

Cisco Elastic Services Controller Cisco Elastic Services Controller

References

https://tools.cisco.com/security/center/content/CiscoSecu...

x_refsource_CONFIRM

http://www.securityfocus.com/bid/98973

vdb-entryx_refsource_BID

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jun 13, 2017
Vulnerability Reserved
Mar 9, 2017