Forum Discussion
Cisco IOS XE REST API Container Vulnerability Receives...
Cisco IOS XE REST API Container Vulnerability Receives Maximum CVSSv3 Score Late last month, Cisco released 10 advisories to patch vulnerabilities across a variety of their products. Most notable in...
What if you don't have REST API installed and ACAS flags for this vulnerability?
Hi @Autumn Mc,
Thanks for reaching out. Based on the Cisco advisory for the vulnerability, there are a few different requirements that need to be met in order for an attacker to exploit the vulnerability. In this case, if the REST API virtual service container isn't installed, then the system isn't vulnerable. To address the fact that ACAS is flagging the vulnerability, I'd recommend you open up a support ticket at support.tenable.com so that we can get that triaged.
Thanks again.
Regards,
Satnam
