2 matches found
CVE-2012-3063
CVE-2012-3063 affects Cisco ACE (Application Control Engine) in multicontext mode. Cisco ACE software versions before A4(2.3) and A5(1.1) fail to share a management IP address correctly among multiple contexts, enabling remote authenticated administrators to bypass access restrictions and read/mo...
CVE-2016-1297
The Cisco ACE 4710 Application Control Engine Device Manager GUI is affected (A5 before A5(3.1/3.0)) by a remote command injection vulnerability via insufficient validation of HTTP POST input, allowing an authenticated attacker to bypass RBAC and execute arbitrary CLI commands with admin privileg...