Home > Cyber News > CVE-2019-1867: Highly Critical Bug in Cisco Elastic Services Controller

CVE-2019-1867: Highly Critical Bug in Cisco Elastic Services Controller

Cisco has patched yet another critical vulnerability outlined as CVE-2019-1867.

CVE-2019-1867 is a security flaw located in the REST API of Cisco Elastic Services Controller (ESC) that could allow an unauthenticated, remote attacker to bypass authentication on the REST API, as per the official advisory. Note that Cisco ESC is a popular enterprise software for managing virtualized resources, and the flaw should be addressed as soon as possible.

How Can CVE-2019-1867 Be Exploited?

First of all, the vulnerability is triggered by improper validation of API requests.

An attacker could exploit the flaw by sending a crafted request to the REST API. In case of a successful exploit, the attacker could be able to execute arbitrary code via the API with admin privileges on the vulnerable system.

Fortunately, Cisco has patched the vulnerability which received a 10.0 base CVSS score making it rather severe. The score comes from the fact that the bug can be exploited remotely, without the attacker having special privileges and without user interaction.

Related: [wplinkpreview url=”https://sensorstechforum.com/cve-2019-1663-critical-flaw/”] CVE-2019-1663: Critical Flaw in Cisco Wireless VPN and Firewall Routers.

These conditions can lead to high impact on the system’s confidentiality, integrity and availability. To top that off, the exploit based on CVE-2019-1867 is not complex at all, and an attack is easy to carry out.

The vulnerability affects versions 4.1, 4.2, 4.3, and 4.4 of Cisco ESC software. The only condition is that the vulnerable REST API is enabled. To determine whether the REST API is enabled on the ESC virtual machine, administrators can use sudo netstat -tlnup | grep ‘8443|8080’ and refer to the output of the command, Cisco says.

It should also be noted that the flaw was discovered by Cisco during internal security testing and there is no indication of actual attacks in the wild.

Administrators should upgrade to Cisco Elastic Services Controller Release 4.5 to avoid any future exploits. There are no workarounds to address the vulnerability.

Milena Dimitrova

An inspired writer and content manager who has been with SensorsTechForum since the project started. A professional with 10+ years of experience in creating engaging content. Focused on user privacy and malware development, she strongly believes in a world where cybersecurity plays a central role. If common sense makes no sense, she will be there to take notes. Those notes may later turn into articles! Follow Milena @Milenyim

More Posts

Follow Me:

Leave a Comment

Your email address will not be published. Required fields are marked *

This website uses cookies to improve user experience. By using our website you consent to all cookies in accordance with our Privacy Policy.
I Agree