10

CVE-2014-0648

The RMI interface in Cisco Secure Access Control System (ACS) 5.x before 5.5 does not properly enforce authentication and authorization requirements, which allows remote attackers to obtain administrative access via a request to this interface, aka Bug ID CSCud75187.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
CiscoSecure Access Control System Version <= 5.4.0.46.6
CiscoSecure Access Control System Version5.1.0.44
CiscoSecure Access Control System Version5.1.0.44.1
CiscoSecure Access Control System Version5.1.0.44.2
CiscoSecure Access Control System Version5.1.0.44.3
CiscoSecure Access Control System Version5.1.0.44.4
CiscoSecure Access Control System Version5.1.0.44.5
CiscoSecure Access Control System Version5.2.0.26
CiscoSecure Access Control System Version5.2.0.26.1
CiscoSecure Access Control System Version5.2.0.26.2
CiscoSecure Access Control System Version5.3.0.40.1
CiscoSecure Access Control System Version5.3.0.40.2
CiscoSecure Access Control System Version5.3.0.40.3
CiscoSecure Access Control System Version5.3.0.40.4
CiscoSecure Access Control System Version5.3.0.40.5
CiscoSecure Access Control System Version5.3.0.40.6
CiscoSecure Access Control System Version5.3.0.40.7
CiscoSecure Access Control System Version5.3.0.40.8
CiscoSecure Access Control System Version5.3.0.40.9
CiscoSecure Access Control System Version5.4.0.46.1
CiscoSecure Access Control System Version5.4.0.46.2
CiscoSecure Access Control System Version5.4.0.46.3
CiscoSecure Access Control System Version5.4.0.46.4
CiscoSecure Access Control System Version5.4.0.46.5
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 5.93% 0.923
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 10 10 10
AV:N/AC:L/Au:N/C:C/I:C/A:C
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://osvdb.org/102117
http://secunia.com/advisories/56213
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140115-csacs
Vendor Advisory
http://tools.cisco.com/security/center/viewAlert.x?alertId=32379
Vendor Advisory
http://www.securityfocus.com/bid/64962
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1029634
Third Party Advisory
VDB Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/90431