Bypassing RBAC Restrictions in Cisco Secure Access Control Server (ACS) 5.7(0.15)
CVE-2015-6348 · MEDIUM Severity
AV:N/AC:L/AU:S/C:P/I:N/A:N
The report-generation web interface in the Solution Engine in Cisco Secure Access Control Server (ACS) 5.7(0.15) allows remote authenticated users to bypass intended RBAC restrictions, and read report or status information, by visiting an unspecified web page.
Learn more about our Cis Benchmark Audit For Cisco.