Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2014-8027

Overview

Vulnerability Score 6.5 6.5
CVE Id CVE-2014-8027
Last Modified 10 Feb 2015 09:59:32
Published 08 Jan 2015 09:59:03
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication SINGLE_INSTANCE

CVE-2014-8027

Summary

The RBAC component in Cisco Secure Access Control System (ACS) allows remote authenticated users to obtain Network Device Administrator privileges for Create, Delete, Read, and Update operations via crafted HTTP requests, aka Bug ID CSCuq79034.

Vulnerable Systems

Application

  • Cisco Secure Access Control System -


References

CISCO - 20150108 Cisco Secure Access Control Server Privilege Escalation Vulnerability

XF - cisco-secureacs-cve20148027-priv-esc(100558)


Last Updated: 27 May 2016 11:07:44