Security restrictions bypass in Elastic Services Controller - CVE-2017-6713
Published: July 6, 2017
Vulnerability identifier: #VU7367
CSH Severity: Medium
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Green
CVE-ID: CVE-2017-6713
CWE-ID: CWE-255
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vendor: Cisco Systems, Inc
Affected software:
Elastic Services Controller
Elastic Services Controller
Detailed vulnerability description
The vulnerability allows a remote attacker to bypass security restrictions.
The weakness exists in the Play Framework of Cisco Elastic Services Controller (ESC) due to static, default credentials for the Cisco ESC UI that are shared between installations. A remote attacker who can extract the static credentials from an existing installation of Cisco ESCcan generate an admin session token and access all instances of the ESC web UI.
Successful exploitation of the vulnerability results in full access to the system.
The weakness exists in the Play Framework of Cisco Elastic Services Controller (ESC) due to static, default credentials for the Cisco ESC UI that are shared between installations. A remote attacker who can extract the static credentials from an existing installation of Cisco ESCcan generate an admin session token and access all instances of the ESC web UI.
Successful exploitation of the vulnerability results in full access to the system.
How to mitigate CVE-2017-6713
The vulnerability is addressed in the following versions:
2.3.1.434, 2.3.2.
2.3.1.434, 2.3.2.