Arbitrary File Read Vulnerability in Cisco Secure Access Control System (ACS)

Arbitrary File Read Vulnerability in Cisco Secure Access Control System (ACS)

CVE-2014-0667 · MEDIUM Severity

AV:N/AC:M/AU:S/C:C/I:N/A:N

The RMI interface in Cisco Secure Access Control System (ACS) does not properly enforce authorization requirements, which allows remote authenticated users to read arbitrary files via a request to this interface, aka Bug ID CSCud75169.

Learn more about our Cis Benchmark Audit For Cisco.