Cross-Site Scripting Vulnerability in Cisco Secure Access Control System
CVE-2014-0668

Currently unrated

Key Information:

Vendor: Cisco
Status: Secure Access Control System
Vendor: CVE Published:; 20 January 2014

Summary

A Cross-Site Scripting vulnerability exists in the Cisco Secure Access Control System (ACS) portal, allowing remote attackers to inject arbitrary web scripts or HTML through manipulated input parameters. This exploit can lead to unauthorized access and potential data breaches, posing a significant risk to users interacting with the web interface. Organizations using Cisco ACS should apply necessary patches and enhance their web application security measures to mitigate these risks.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/90561

vdb-entryx_refsource_XF

http://tools.cisco.com/security/center/content/CiscoSecur...

vendor-advisoryx_refsource_CISCO

http://secunia.com/advisories/56543

third-party-advisoryx_refsource_SECUNIA

Timeline

Vulnerability published
Jan 20, 2014
Vulnerability Reserved
Jan 2, 2014