Unintentional Administration Web Interface Vulnerability in Cisco Secure Access Control Server (ACS)

CVE-2014-2130 · MEDIUM Severity

AV:N/AC:L/AU:S/C:P/I:P/A:P

Cisco Secure Access Control Server (ACS) provides an unintentional administration web interface based on Apache Tomcat, which allows remote authenticated users to modify application files and configuration files, and consequently execute arbitrary code, by leveraging administrative privileges, aka Bug ID CSCuj83189.

Learn more about our Cis Benchmark Audit For Apache Http Server.