HTTP: Cisco Elastic Services Controller REST API Authentication Bypass
This signature detects attempts to exploit a known vulnerability against Cisco Elastic Services Controller. Successful exploitation could lead to authentication bypass.
Extended Description
A vulnerability in the REST API of Cisco Elastic Services Controller (ESC) could allow an unauthenticated, remote attacker to bypass authentication on the REST API. The vulnerability is due to improper validation of API requests. An attacker could exploit this vulnerability by sending a crafted request to the REST API. A successful exploit could allow the attacker to execute arbitrary actions through the REST API with administrative privileges on an affected system.
Affected Products
Cisco elastic_services_controller
References
CVE: CVE-2019-1867
Short Name
HTTP:CISCO:CVE-2019-1867-BYPASS
Severity
Minor
Recommended
True
Recommended Action
Drop
Category
HTTP
Keywords
API Authentication Bypass CVE-2019-1867 Cisco Controller Elastic REST Services
Release Date
06/17/2019
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3337
False Positive
Unknown
Vendors
Cisco
CVSS Score
10.0