Vulnerability Details CVE-2014-0650
The web interface in Cisco Secure Access Control System (ACS) 5.x before 5.4 Patch 3 allows remote attackers to execute arbitrary operating-system commands via a request to this interface, aka Bug ID CSCue65962.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.078
EPSS Ranking 91.5%
CVSS Severity
CVSS v2 Score 10.0
References
- http://osvdb.org/102115
- http://secunia.com/advisories/56213
- http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140115-csacs
- http://tools.cisco.com/security/center/viewAlert.x?alertId=32380
- http://www.securityfocus.com/bid/64964
- http://www.securitytracker.com/id/1029634
- https://exchange.xforce.ibmcloud.com/vulnerabilities/90432
- http://osvdb.org/102115
- http://secunia.com/advisories/56213
- http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140115-csacs
- http://tools.cisco.com/security/center/viewAlert.x?alertId=32380
- http://www.securityfocus.com/bid/64964
- http://www.securitytracker.com/id/1029634
- https://exchange.xforce.ibmcloud.com/vulnerabilities/90432
Products affected by CVE-2014-0650
-
cpe:2.3:a:cisco:secure_access_control_system:-
-
cpe:2.3:a:cisco:secure_access_control_system:5.1
-
cpe:2.3:a:cisco:secure_access_control_system:5.1.0.44
-
cpe:2.3:a:cisco:secure_access_control_system:5.1.0.44.1
-
cpe:2.3:a:cisco:secure_access_control_system:5.1.0.44.2
-
cpe:2.3:a:cisco:secure_access_control_system:5.1.0.44.3
-
cpe:2.3:a:cisco:secure_access_control_system:5.1.0.44.4
-
cpe:2.3:a:cisco:secure_access_control_system:5.1.0.44.5
-
cpe:2.3:a:cisco:secure_access_control_system:5.2
-
cpe:2.3:a:cisco:secure_access_control_system:5.2(0.3)
-
cpe:2.3:a:cisco:secure_access_control_system:5.2.0.26
-
cpe:2.3:a:cisco:secure_access_control_system:5.2.0.26.1
-
cpe:2.3:a:cisco:secure_access_control_system:5.2.0.26.2
-
cpe:2.3:a:cisco:secure_access_control_system:5.3.0.40.1
-
cpe:2.3:a:cisco:secure_access_control_system:5.3.0.40.2
-
cpe:2.3:a:cisco:secure_access_control_system:5.3.0.40.3
-
cpe:2.3:a:cisco:secure_access_control_system:5.3.0.40.4
-
cpe:2.3:a:cisco:secure_access_control_system:5.3.0.40.5
-
cpe:2.3:a:cisco:secure_access_control_system:5.3.0.40.6
-
cpe:2.3:a:cisco:secure_access_control_system:5.3.0.40.7
-
cpe:2.3:a:cisco:secure_access_control_system:5.3.0.40.8
-
cpe:2.3:a:cisco:secure_access_control_system:5.3.0.40.9
-
cpe:2.3:a:cisco:secure_access_control_system:5.4
-
cpe:2.3:a:cisco:secure_access_control_system:5.4.0.46.1
-
cpe:2.3:a:cisco:secure_access_control_system:5.4.0.46.2