CVE-2018-0414
The CVE-2018-0414 issue affects Cisco Secure Access Control Server (ACS) in its web-based UI. The root cause is incorrect handling of XML External Entities (XXEs) when parsing an XML file, enabling an authenticated, remote attacker to obtain read access to information in the affected system by tr...