Multiple vulnerabilities in Cisco Application Services Engine could allow an unauthenticated, remote attacker to gain privileged access to host-level operations or to learn device-specific information, create diagnostic files, and make limited configuration changes. For more information about these vulnerabilities, see the Details section of this advisory.
References
Link | Resource |
---|---|
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-case-mvuln-dYrDPC6w | Vendor Advisory |
Information
Published : 2021-02-24 12:15
Updated : 2021-03-02 06:17
NVD link : CVE-2021-1393
Mitre link : CVE-2021-1393
JSON object : View
CWE
CWE-306
Missing Authentication for Critical Function
Products Affected
cisco
- application_services_engine
- application_policy_infrastructure_controller