Lucene search

[email protected]CVE-2014-8027

HistoryJan 09, 2015 - 2:59 a.m.

CVE-2014-8027

2015-01-0902:59:03

CWE-264

[email protected]

web.nvd.nist.gov

cisco

acs

rbac

network device administrator

http requests

bug id cscuq79034

cve-2014-8027

6.4 Medium

AI Score

Confidence

Low

6.5 Medium

CVSS2

Access Vector

Access Complexity

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

0.003 Low

EPSS

Percentile

66.2%

JSON

The RBAC component in Cisco Secure Access Control System (ACS) allows remote authenticated users to obtain Network Device Administrator privileges for Create, Delete, Read, and Update operations via crafted HTTP requests, aka Bug ID CSCuq79034.

Affected configurations

NVD

Node

ciscosecure_access_control_systemMatch-

CPENameOperatorVersion
cisco:secure_access_control_systemcisco secure access control systemeq-

CPE	Name	Operator	Version
cisco:secure_access_control_system	cisco secure access control system	eq	-

References

secunia.com/advisories/62159

tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-8027

www.securityfocus.com/bid/71944

www.securitytracker.com/id/1031516

exchange.xforce.ibmcloud.com/vulnerabilities/100558

6.4 Medium

AI Score

Confidence

Low

6.5 Medium

CVSS2

Access Vector

Access Complexity

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

0.003 Low

EPSS

Percentile

66.2%

JSON

Related for CVE-2014-8027

nvd1 cvelist1 prion1 cisco1