CVE-2013-6695

2013-12-02T17:55:24
ID CVE-2013-6695
Type cve
Reporter NVD
Modified 2014-03-04T13:54:59

Description

The RBAC implementation in Cisco Secure Access Control System (ACS) does not properly verify privileges for support-bundle downloads, which allows remote authenticated users to obtain sensitive information via a download action, as demonstrated by obtaining read access to the user database, aka Bug ID CSCuj39274.