Vulnerability Details CVE-2014-8027
The RBAC component in Cisco Secure Access Control System (ACS) allows remote authenticated users to obtain Network Device Administrator privileges for Create, Delete, Read, and Update operations via crafted HTTP requests, aka Bug ID CSCuq79034.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 37.7%
CVSS Severity
CVSS v2 Score 6.5
References
- http://secunia.com/advisories/62159
- http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-8027
- http://www.securityfocus.com/bid/71944
- http://www.securitytracker.com/id/1031516
- https://exchange.xforce.ibmcloud.com/vulnerabilities/100558
- http://secunia.com/advisories/62159
- http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-8027
- http://www.securityfocus.com/bid/71944
- http://www.securitytracker.com/id/1031516
- https://exchange.xforce.ibmcloud.com/vulnerabilities/100558
Products affected by CVE-2014-8027
-
cpe:2.3:a:cisco:secure_access_control_system:-