Secure Access Control System Security Vulnerabilities and Issues — Secure Access Control System CVE List

Lucene search

CiscoSecure Access Control System

3 matches found

CVE•added 2015/01/09 2:59 a.m.•43 views

CVE-2014-8027

The RBAC component in Cisco Secure Access Control System (ACS) allows remote authenticated users to obtain Network Device Administrator privileges for Create, Delete, Read, and Update operations via crafted HTTP requests, aka Bug ID CSCuq79034.

6.5CVSS6.4AI score0.00161EPSS

CVE•added 2015/01/09 2:59 a.m.•36 views

CVE-2014-8028

Multiple cross-site scripting (XSS) vulnerabilities in the web framework in Cisco Secure Access Control System (ACS) allow remote attackers to inject arbitrary web script or HTML via unspecified parameters, aka Bug ID CSCuq79019.

4.3CVSS5.8AI score0.00329EPSS

CVE•added 2015/01/09 2:59 a.m.•36 views

CVE-2014-8029

Open redirect vulnerability in the web interface in Cisco Secure Access Control System (ACS) allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via an unspecified parameter, aka Bug ID CSCuq74150.

5.8CVSS6.9AI score0.00329EPSS