Improper Authorization Enforcement in Cisco Secure ACS 5.x Allows Remote Users to Obtain Superadmin Access (CSCud75180)

Improper Authorization Enforcement in Cisco Secure ACS 5.x Allows Remote Users to Obtain Superadmin Access (CSCud75180)

CVE-2014-0649 · HIGH Severity

AV:N/AC:L/AU:S/C:C/I:C/A:C

The RMI interface in Cisco Secure Access Control System (ACS) 5.x before 5.5 does not properly enforce authorization requirements, which allows remote authenticated users to obtain superadmin access via a request to this interface, aka Bug ID CSCud75180.

Learn more about our Cis Benchmark Audit For Cisco.