Lucene search

[email protected]NVD:CVE-2014-0678

HistoryJan 25, 2014 - 10:55 p.m.

CVE-2014-0678

2014-01-2522:55:03

CWE-264

[email protected]

web.nvd.nist.gov

CVSS2

5.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:S/C:P/I:P/A:N

AI Score

6.4

Confidence

Low

EPSS

0.003

Percentile

68.5%

JSON

The portal interface in Cisco Secure Access Control System (ACS) does not properly manage sessions, which allows remote authenticated users to hijack sessions and gain privileges via unspecified vectors, aka Bug ID CSCue65951.

Affected configurations

Nvd

Node

ciscosecure_access_control_systemMatch-

VendorProductVersionCPE
ciscosecure_access_control_system-cpe:2.3:a:cisco:secure_access_control_system:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
cisco	secure_access_control_system	-	cpe:2.3:a:cisco:secure_access_control_system:-:::::::*

References

osvdb.org/102558

secunia.com/advisories/56540

tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-0678

tools.cisco.com/security/center/viewAlert.x?alertId=32567

www.securityfocus.com/bid/65144

www.securitytracker.com/id/1029688

exchange.xforce.ibmcloud.com/vulnerabilities/90732

CVSS2

5.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:S/C:P/I:P/A:N

AI Score

6.4

Confidence

Low

EPSS

0.003

Percentile

68.5%

JSON

Related for NVD:CVE-2014-0678

cisco1 cvelist1 cve1 nessus1 prion1