CVE Vulnerabilities

CVE-2014-0648

Published: Jan 16, 2014 | Modified: Nov 21, 2024
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
10 HIGH
AV:N/AC:L/Au:N/C:C/I:C/A:C
RedHat/V2
RedHat/V3
Ubuntu

The RMI interface in Cisco Secure Access Control System (ACS) 5.x before 5.5 does not properly enforce authentication and authorization requirements, which allows remote attackers to obtain administrative access via a request to this interface, aka Bug ID CSCud75187.

Affected Software

Name Vendor Start Version End Version
Secure_access_control_system Cisco * 5.4.0.46.6 (including)
Secure_access_control_system Cisco 5.1 (including) 5.1 (including)
Secure_access_control_system Cisco 5.1.0.44 (including) 5.1.0.44 (including)
Secure_access_control_system Cisco 5.1.0.44.1 (including) 5.1.0.44.1 (including)
Secure_access_control_system Cisco 5.1.0.44.2 (including) 5.1.0.44.2 (including)
Secure_access_control_system Cisco 5.1.0.44.3 (including) 5.1.0.44.3 (including)
Secure_access_control_system Cisco 5.1.0.44.4 (including) 5.1.0.44.4 (including)
Secure_access_control_system Cisco 5.1.0.44.5 (including) 5.1.0.44.5 (including)
Secure_access_control_system Cisco 5.2 (including) 5.2 (including)
Secure_access_control_system Cisco 5.2.0.26 (including) 5.2.0.26 (including)
Secure_access_control_system Cisco 5.2.0.26.1 (including) 5.2.0.26.1 (including)
Secure_access_control_system Cisco 5.2.0.26.2 (including) 5.2.0.26.2 (including)
Secure_access_control_system Cisco 5.3.0.40.1 (including) 5.3.0.40.1 (including)
Secure_access_control_system Cisco 5.3.0.40.2 (including) 5.3.0.40.2 (including)
Secure_access_control_system Cisco 5.3.0.40.3 (including) 5.3.0.40.3 (including)
Secure_access_control_system Cisco 5.3.0.40.4 (including) 5.3.0.40.4 (including)
Secure_access_control_system Cisco 5.3.0.40.5 (including) 5.3.0.40.5 (including)
Secure_access_control_system Cisco 5.3.0.40.6 (including) 5.3.0.40.6 (including)
Secure_access_control_system Cisco 5.3.0.40.7 (including) 5.3.0.40.7 (including)
Secure_access_control_system Cisco 5.3.0.40.8 (including) 5.3.0.40.8 (including)
Secure_access_control_system Cisco 5.3.0.40.9 (including) 5.3.0.40.9 (including)
Secure_access_control_system Cisco 5.4.0.46.1 (including) 5.4.0.46.1 (including)
Secure_access_control_system Cisco 5.4.0.46.2 (including) 5.4.0.46.2 (including)
Secure_access_control_system Cisco 5.4.0.46.3 (including) 5.4.0.46.3 (including)
Secure_access_control_system Cisco 5.4.0.46.4 (including) 5.4.0.46.4 (including)
Secure_access_control_system Cisco 5.4.0.46.5 (including) 5.4.0.46.5 (including)

References