CVE Daily

CVE-2014-8027

The RBAC component in Cisco Secure Access Control System (ACS) allows remote aut...

Medium CVSS 6.5

Overview

The RBAC component in Cisco Secure Access Control System (ACS) allows remote authenticated users to obtain Network Device Administrator privileges for Create, Delete, Read, and Update operations via crafted HTTP requests, aka Bug ID CSCuq79034.

CWE: CWE-264 Published: 2015-01-09T02:59:03.383
Risk analysis

This vulnerability is rated 🟡 MEDIUM.

  • CVSS: 6.5 (MEDIUM)
  • Detected tags: none (tag impact: LOW)

Recommended actions:

  • Prioritize remediation based on business criticality and exposure.
  • Limit exposure and increase monitoring until fixed.

Recommended tools

Tags