Secure Access Control System@- Security Vulnerabilities and Issues — Secure Access Control System@- CVE List

Lucene search

CiscoSecure Access Control System-

4 matches found

CVE•added 2015/01/09 2:59 a.m.•43 views

CVE-2014-8027

The RBAC component in Cisco Secure Access Control System (ACS) allows remote authenticated users to obtain Network Device Administrator privileges for Create, Delete, Read, and Update operations via crafted HTTP requests, aka Bug ID CSCuq79034.

6.5CVSS6.4AI score0.00161EPSS

CVE•added 2015/03/06 2:59 a.m.•36 views

CVE-2014-2130

Cisco Secure Access Control Server (ACS) provides an unintentional administration web interface based on Apache Tomcat, which allows remote authenticated users to modify application files and configuration files, and consequently execute arbitrary code, by leveraging administrative privileges, aka ...

6.5CVSS7.1AI score0.01153EPSS

CVE•added 2015/01/09 2:59 a.m.•36 views

CVE-2014-8028

Multiple cross-site scripting (XSS) vulnerabilities in the web framework in Cisco Secure Access Control System (ACS) allow remote attackers to inject arbitrary web script or HTML via unspecified parameters, aka Bug ID CSCuq79019.

4.3CVSS5.8AI score0.00329EPSS

CVE•added 2015/01/09 2:59 a.m.•36 views

CVE-2014-8029

Open redirect vulnerability in the web interface in Cisco Secure Access Control System (ACS) allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via an unspecified parameter, aka Bug ID CSCuq74150.

5.8CVSS6.9AI score0.00329EPSS