Authorization Flaw in Cisco Secure Access Control System Allowing Elevated Access
CVE-2014-0649

Currently unrated

Key Information:

Vendor: Cisco
Status: Secure Access Control System
Vendor: CVE Published:; 16 January 2014

What is CVE-2014-0649?

The RMI interface in certain versions of Cisco Secure Access Control System fails to properly enforce authorization, allowing remote authenticated users to escalate privileges and gain superadmin access. This vulnerability could potentially lead to unauthorized control over the system, resulting in increased risks for data security and system integrity.

References

http://secunia.com/advisories/56213

third-party-advisoryx_refsource_SECUNIA

http://tools.cisco.com/security/center/viewAlert.x?alertI...

x_refsource_CONFIRM

http://www.securitytracker.com/id/1029634

vdb-entryx_refsource_SECTRACK

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jan 16, 2014
Vulnerability Reserved
Jan 2, 2014