Access Control Server Vulnerabilities in Cisco Products
CVE-2013-3380

Currently unrated

Key Information:

Vendor: Cisco
Status: Secure Access Control Server Solution Engine
Vendor: CVE Published:; 12 June 2013

What is CVE-2013-3380?

The administrative web interface of Cisco's Secure Access Control System (ACS) is vulnerable due to insufficient restrictions on the report view page. This flaw allows remote authenticated users to exploit the interface, potentially leading to the disclosure of sensitive information through unauthorized direct requests. As a result, proper access control measures are crucial to safeguard information and mitigate risks associated with this vulnerability.

References

http://tools.cisco.com/security/center/content/CiscoSecur...

vendor-advisoryx_refsource_CISCO

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Jun 12, 2013