Preview Tool

Cisco Bug: CSCvs37814 - ESC Confd readonly user is able to logout other users from confd_cli session

Last Modified

Aug 31, 2020

Products (1)

  • Cisco Elastic Services Controller

Known Affected Releases


Description (partial)

ConfD readonly user is able to perform disruptive command such as logging out other users from confd_cli session.

After entering configure mode, readonly user can perform disruptive operations such as logging out other confd user sessions by running any system-level requests or any operational-mode command which would usually get permission denied error if not ran through configure mode such as below:
esc_readonly@prathmis-vpc> request system logout user admin
Aborted: permission denied
[error][2019-12-07 21:47:34]
Bug details contain sensitive information and therefore require a account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.