CVE-2019-1867 – Cisco Elastic Services Controller REST API Authentication Bypass Vulnerability (May 2019)

Preface: A vulnerability in the REST API of Cisco Elastic Services Controller (ESC) could allow an unauthenticated, remote attacker to bypass authentication on the REST API.

About the REST API: The attacker sits on the client side. A compromise of your REST API is one in which the victim is the REST API server, so the attacker can create a rogue, malicious app that talks to it. This is exactly what Cisco is addressing here.

Speculation: A hacker could exploit it this way: the Java org.flowable.CallExternalSystemDelegate package, packed into a jar.

Affected products: Cisco ESC Software Releases 4.1, 4.2, 4.3, and 4.4 when the REST API is enabled.

Remark: The REST API is not enabled by default.

Official announcement: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190507-esc-authbypass
