CVE-2014-0678

Sažetak

The portal interface in Cisco Secure Access Control System (ACS) does not properly manage sessions, which allows remote authenticated users to hijack sessions and gain privileges via unspecified vectors, aka Bug ID CSCue65951.

Reference

http://osvdb.org/102558
http://secunia.com/advisories/56540
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-0678
http://tools.cisco.com/security/center/viewAlert.x?alertId=32567
http://www.securityfocus.com/bid/65144
http://www.securitytracker.com/id/1029688
https://exchange.xforce.ibmcloud.com/vulnerabilities/90732

CVSS

Base:	5.5
Impact:	4.9
Exploitability:	8.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	SINGLE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	NONE

CVSS vektor

AV:N/AC:L/Au:S/C:P/I:P/A:N

Zadnje važnije ažuriranje

29-08-2017 - 01:34

Objavljeno

25-01-2014 - 22:55