Lucene search
CiscoCVE-2014-8027HistoryJan 09, 2015 - 2:59 a.m.
CVE-2014-8027
2015-01-0902:59:03
CWE-264
cisco
web.nvd.nist.gov
30
cisco
acs
rbac
network device administrator
http requests
bug id cscuq79034
cve-2014-8027
CVSS2
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
AI Score
6.4
Confidence
Low
EPSS
0.003
Percentile
66.3%
The RBAC component in Cisco Secure Access Control System (ACS) allows remote authenticated users to obtain Network Device Administrator privileges for Create, Delete, Read, and Update operations via crafted HTTP requests, aka Bug ID CSCuq79034.
Affected configurations
Node
ciscosecure_access_control_systemMatch-
| Vendor | Product | Version | CPE |
|---|---|---|---|
| cisco | secure_access_control_system | - | cpe:2.3:a:cisco:secure_access_control_system:-:*:*:*:*:*:*:* |
Related
nvd
nvd
CVE-2014-8027
2015-01-09 02:59:03
cvelist
cvelist
CVE-2014-8027
2015-01-09 02:00:00
prion
prion
Design/Logic Flaw
2015-01-09 02:59:00
cisco
cisco
Cisco Secure Access Control Server Privilege Escalation Vulnerability
2015-01-15 23:05:50
CVSS2
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
AI Score
6.4
Confidence
Low
EPSS
0.003
Percentile
66.3%
Related for CVE-2014-8027