QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2018-0106

Back to search

CVE-2018-0106

Published: Jan 18, 2018

Modified: Dec 2, 2024

PUBLISHED

Description

A vulnerability in the ConfD server of the Cisco Elastic Services Controller (ESC) could allow an unauthenticated, local attacker to access sensitive information on a targeted system. The vulnerability is due to insufficient security restrictions. An attacker could exploit this vulnerability by accessing unauthorized information within the ConfD directory and file structure. Successful exploitation could allow the attacker to view sensitive information. Cisco Bug IDs: CSCvg00221.

VendorProductVersions

n/a

Cisco Elastic Services Controller

affected
Cisco Elastic Services Controller

Weaknesses (CWE)

CWE-200

References

102757
vdb-entry
x_refsource_BID

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now