Product

Cisco Secure Access Control System 5.3.0.40.4


View All Versions

Vulnerability History

Weakness Analysis

Related Vulnerabilities

Vulnerability Severity Score Release Date Summary
CVE-2014-0648 10.0 Jan. 16, 2014

The RMI interface in Cisco Secure Access Control System (ACS) 5.x before 5.5 does not properly enforce authentication and authorization requirements, which allows remote attackers to obtain administrative access via a request to this interface, aka Bug ID CSCud75187.

CVE-2014-0649 9.0 Jan. 16, 2014

The RMI interface in Cisco Secure Access Control System (ACS) 5.x before 5.5 does not properly enforce authorization requirements, which allows remote authenticated users to obtain superadmin access via a request to this interface, aka Bug ID CSCud75180.

CVE-2014-0650 10.0 Jan. 16, 2014

The web interface in Cisco Secure Access Control System (ACS) 5.x before 5.4 Patch 3 allows remote attackers to execute arbitrary operating-system commands via a request to this interface, aka Bug ID CSCue65962.

CVE-2014-0649 9.0 Jan. 16, 2014

The RMI interface in Cisco Secure Access Control System (ACS) 5.x before 5.5 does not properly enforce authorization requirements, which allows remote authenticated users to obtain superadmin access via a request to this interface, aka Bug ID CSCud75180.

CVE-2014-0650 10.0 Jan. 16, 2014

The web interface in Cisco Secure Access Control System (ACS) 5.x before 5.4 Patch 3 allows remote attackers to execute arbitrary operating-system commands via a request to this interface, aka Bug ID CSCue65962.

CVE-2014-0648 10.0 Jan. 16, 2014

The RMI interface in Cisco Secure Access Control System (ACS) 5.x before 5.5 does not properly enforce authentication and authorization requirements, which allows remote attackers to obtain administrative access via a request to this interface, aka Bug ID CSCud75187.

Followers