Lucene search
CiscoCVE-2014-0678HistoryJan 25, 2014 - 10:55 p.m.
CVE-2014-0678
2014-01-2522:55:03
CWE-264
cisco
web.nvd.nist.gov
22
cisco
acs
session hijacking
vulnerability
cve-2014-0678
nvd
CVSS2
5.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:S/C:P/I:P/A:N
AI Score
6.6
Confidence
Low
EPSS
0.003
Percentile
68.5%
The portal interface in Cisco Secure Access Control System (ACS) does not properly manage sessions, which allows remote authenticated users to hijack sessions and gain privileges via unspecified vectors, aka Bug ID CSCue65951.
Affected configurations
Node
ciscosecure_access_control_systemMatch-
| Vendor | Product | Version | CPE |
|---|---|---|---|
| cisco | secure_access_control_system | - | cpe:2.3:a:cisco:secure_access_control_system:-:*:*:*:*:*:*:* |
Related
nessus
nessus
Cisco Secure ACS Portal Interface Session Hijacking
2014-02-05 00:00:00
nvd
nvd
CVE-2014-0678
2014-01-25 22:55:03
prion
prion
Design/Logic Flaw
2014-01-25 22:55:00
cvelist
cvelist
CVE-2014-0678
2014-01-25 22:00:00
cisco
cisco
Cisco Secure ACS Portal Session Management Vulnerability
2014-01-27 14:20:06
CVSS2
5.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:S/C:P/I:P/A:N
AI Score
6.6
Confidence
Low
EPSS
0.003
Percentile
68.5%
Related for CVE-2014-0678