Remote Code Execution Vulnerability in Cisco Secure Access Control System
CVE-2014-0650

Currently unrated

Key Information:

Vendor: Cisco
Status: Secure Access Control System
Vendor: CVE Published:; 16 January 2014

Summary

The web interface of Cisco Secure Access Control System (ACS) versions prior to 5.4 Patch 3 is susceptible to a serious vulnerability that allows remote attackers to execute arbitrary operating-system commands. This unauthorized command execution can lead to significant security risks and compromise the integrity of the system, exposing organizations to potential data breaches and operational failures. It is essential for users of Cisco ACS to apply the necessary patches to mitigate this threat and protect their networks.

References

http://osvdb.org/102115

vdb-entryx_refsource_OSVDB

http://secunia.com/advisories/56213

third-party-advisoryx_refsource_SECUNIA

http://tools.cisco.com/security/center/viewAlert.x?alertI...

x_refsource_CONFIRM

EPSS Score

7% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Jan 16, 2014
Vulnerability Reserved
Jan 2, 2014