CVE Vulnerabilities

CVE-2014-0648

Published: Jan 16, 2014 | Modified: Aug 29, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
10 HIGH
AV:N/AC:L/Au:N/C:C/I:C/A:C
RedHat/V2
RedHat/V3
Ubuntu

The RMI interface in Cisco Secure Access Control System (ACS) 5.x before 5.5 does not properly enforce authentication and authorization requirements, which allows remote attackers to obtain administrative access via a request to this interface, aka Bug ID CSCud75187.

Affected Software

Name Vendor Start Version End Version
Secure_access_control_system Cisco * 5.4.0.46.6 (including)
Secure_access_control_system Cisco 5.1 (including) 5.1 (including)
Secure_access_control_system Cisco 5.1.0.44 (including) 5.1.0.44 (including)
Secure_access_control_system Cisco 5.1.0.44.1 (including) 5.1.0.44.1 (including)
Secure_access_control_system Cisco 5.1.0.44.2 (including) 5.1.0.44.2 (including)
Secure_access_control_system Cisco 5.1.0.44.3 (including) 5.1.0.44.3 (including)
Secure_access_control_system Cisco 5.1.0.44.4 (including) 5.1.0.44.4 (including)
Secure_access_control_system Cisco 5.1.0.44.5 (including) 5.1.0.44.5 (including)
Secure_access_control_system Cisco 5.2 (including) 5.2 (including)
Secure_access_control_system Cisco 5.2.0.26 (including) 5.2.0.26 (including)
Secure_access_control_system Cisco 5.2.0.26.1 (including) 5.2.0.26.1 (including)
Secure_access_control_system Cisco 5.2.0.26.2 (including) 5.2.0.26.2 (including)
Secure_access_control_system Cisco 5.3.0.40.1 (including) 5.3.0.40.1 (including)
Secure_access_control_system Cisco 5.3.0.40.2 (including) 5.3.0.40.2 (including)
Secure_access_control_system Cisco 5.3.0.40.3 (including) 5.3.0.40.3 (including)
Secure_access_control_system Cisco 5.3.0.40.4 (including) 5.3.0.40.4 (including)
Secure_access_control_system Cisco 5.3.0.40.5 (including) 5.3.0.40.5 (including)
Secure_access_control_system Cisco 5.3.0.40.6 (including) 5.3.0.40.6 (including)
Secure_access_control_system Cisco 5.3.0.40.7 (including) 5.3.0.40.7 (including)
Secure_access_control_system Cisco 5.3.0.40.8 (including) 5.3.0.40.8 (including)
Secure_access_control_system Cisco 5.3.0.40.9 (including) 5.3.0.40.9 (including)
Secure_access_control_system Cisco 5.4.0.46.1 (including) 5.4.0.46.1 (including)
Secure_access_control_system Cisco 5.4.0.46.2 (including) 5.4.0.46.2 (including)
Secure_access_control_system Cisco 5.4.0.46.3 (including) 5.4.0.46.3 (including)
Secure_access_control_system Cisco 5.4.0.46.4 (including) 5.4.0.46.4 (including)
Secure_access_control_system Cisco 5.4.0.46.5 (including) 5.4.0.46.5 (including)

References