CVE Vulnerabilities

CVE-2013-6695

Published: Dec 02, 2013 | Modified: Mar 04, 2014
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
4 MEDIUM
AV:N/AC:L/Au:S/C:P/I:N/A:N
RedHat/V2
RedHat/V3
Ubuntu

The RBAC implementation in Cisco Secure Access Control System (ACS) does not properly verify privileges for support-bundle downloads, which allows remote authenticated users to obtain sensitive information via a download action, as demonstrated by obtaining read access to the user database, aka Bug ID CSCuj39274.

Affected Software

Name Vendor Start Version End Version
Secure_access_control_system Cisco - (including) - (including)

References