NVD

Id
29532  
Name
CVE-2014-0648  
Description
The RMI interface in Cisco Secure Access Control System (ACS) 5.x before 5.5 does not properly enforce authentication and authorization requirements, which allows remote attackers to obtain administrative access via a request to this interface, aka Bug ID CSCud75187.  
Reject
 
CVSS Version
2  
CVSS Score
10  
Severity
High  
CVSS Base Score
10  
CVSS Impact Subscore
10  
CVSS Exploit Subscore
10  
CVSS Vector
(AV:N/AC:L/Au:N/C:C/I:C/A:C)  
Pub Date
2017-01-19  
Published
2014-01-16  
Modified Date
2016-09-16  
Seq
2014-0648  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
156483 29532 CVE-2014-0648 20140115 Multiple Vulnerabilities in Cisco Secure Access Control System  View
156484 29532 CVE-2014-0648 http://tools.cisco.com/security/center/viewAlert.x?alertId=32379  View
156485 29532 CVE-2014-0648 64962  View
156486 29532 CVE-2014-0648 1029634  View
156487 29532 CVE-2014-0648 cisco-acs-cve20140648-unauth-access(90431)  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
12314 JVNDB-2014-001189 Cisco Secure Access Control System の RMI インターフェースにおける管理アクセス権を取得される脆弱性 Cisco Secure Access Control System (ACS) の RMI インターフェースは、認証と認可の要求を適切に処理しないため、管理アクセス権を取得される脆弱性が存在します。 CVE-2014-0648 68049 CVE-2014-0648 29532 10 http://jvndb.jvn.jp/ja/contents/2014/JVNDB-2014-001189.html 2014-01-15 2014-01-20 View