CVE-2014-0678

Опубликовано: 25 янв. 2014

Источник: nvd

CVSS2: 5.5

EPSS Низкий

Описание

The portal interface in Cisco Secure Access Control System (ACS) does not properly manage sessions, which allows remote authenticated users to hijack sessions and gain privileges via unspecified vectors, aka Bug ID CSCue65951.

Ссылки

http://osvdb.org/102558
http://secunia.com/advisories/56540
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-0678
Vendor Advisory
http://tools.cisco.com/security/center/viewAlert.x?alertId=32567
Vendor Advisory
http://www.securityfocus.com/bid/65144
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1029688
Third Party Advisory
VDB Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/90732
http://osvdb.org/102558
http://secunia.com/advisories/56540
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-0678
Vendor Advisory
http://tools.cisco.com/security/center/viewAlert.x?alertId=32567
Vendor Advisory
http://www.securityfocus.com/bid/65144
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1029688
Third Party Advisory
VDB Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/90732

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:cisco:secure_access_control_system:-:*:*:*:*:*:*:*

EPSS

Процентиль: 59%

0.00381

Низкий

5.5 Medium

CVSS2

Дефекты

CWE-264

Связанные уязвимости

GHSA-f96r-pff3-7745

github

больше 3 лет назад