Bypassing RBAC Restrictions in Cisco Secure Access Control Server (ACS) 5.7(0.15)

Bypassing RBAC Restrictions in Cisco Secure Access Control Server (ACS) 5.7(0.15)

CVE-2015-6348 · MEDIUM Severity

AV:N/AC:L/AU:S/C:P/I:N/A:N

The report-generation web interface in the Solution Engine in Cisco Secure Access Control Server (ACS) 5.7(0.15) allows remote authenticated users to bypass intended RBAC restrictions, and read report or status information, by visiting an unspecified web page.

Learn more about our Cis Benchmark Audit For Cisco.