Arbitrary Command Execution Vulnerability in Cisco Secure Access Control System (ACS) 5.x

Arbitrary Command Execution Vulnerability in Cisco Secure Access Control System (ACS) 5.x

CVE-2014-0650 · HIGH Severity

AV:N/AC:L/AU:N/C:C/I:C/A:C

The web interface in Cisco Secure Access Control System (ACS) 5.x before 5.4 Patch 3 allows remote attackers to execute arbitrary operating-system commands via a request to this interface, aka Bug ID CSCue65962.

Learn more about our Cis Benchmark Audit For Cisco.