Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2014-2130


Vulnerability Score 6.5 6.5
CVE Id CVE-2014-2130
Last Modified 17 Mar 2015 10:00:39
Published 05 Mar 2015 09:59:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication SINGLE_INSTANCE



Cisco Secure Access Control Server (ACS) provides an unintentional administration web interface based on Apache Tomcat, which allows remote authenticated users to modify application files and configuration files, and consequently execute arbitrary code, by leveraging administrative privileges, aka Bug ID CSCuj83189.

Vulnerable Systems


  • Cisco Secure Access Control System -


CISCO - 20150304 Cisco Secure Access Control Server Default Tomcat Administration Interface Vulnerability

SECTRACK - 1031844

Last Updated: 27 May 2016 10:53:58