CVSS: 9.0EPSS: 0%CPEs: 26EXPL: 0CVE-2014-0649
https://notcve.org/view.php?id=CVE-2014-0649
The RMI interface in Cisco Secure Access Control System (ACS) 5.x before 5.5 does not properly enforce authorization requirements, which allows remote authenticated users to obtain superadmin access via a request to this interface, aka Bug ID CSCud75180. El interface RMI en Cisco Secure Access Control System (ACS) v5.x anterior a v5.5 no aplica correctamente los requisitos de autorización, lo que permite a usuarios autenticados remotamente obtener acceso de superadmin a través de este interface, tambien conocido como Bug ID CSCud75180. • http://osvdb.org/102116 http://secunia.com/advisories/56213 http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140115-csacs http://tools.cisco.com/security/center/viewAlert.x?alertId=32378 http://www.securityfocus.com/bid/64958 http://www.securitytracker.com/id/1029634 https://exchange.xforce.ibmcloud.com/vulnerabilities/90430 • CWE-264: Permissions, Privileges, and Access Controls •