Session Management Flaw in Cisco Secure Access Control System
CVE-2014-0678

Currently unrated

Key Information:

Vendor: Cisco
Status: Secure Access Control System
Vendor: CVE Published:; 25 January 2014

What is CVE-2014-0678?

The portal interface in Cisco Secure Access Control System (ACS) is susceptible to session management vulnerabilities that allow remote authenticated users to hijack sessions. This flaw enables attackers to gain elevated privileges through unspecified methods, potentially compromising system security. Businesses using Cisco ACS should implement appropriate measures to mitigate the associated risks.

References

http://secunia.com/advisories/56540

third-party-advisoryx_refsource_SECUNIA

http://www.securityfocus.com/bid/65144

vdb-entryx_refsource_BID

http://tools.cisco.com/security/center/viewAlert.x?alertI...

x_refsource_CONFIRM

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jan 25, 2014
Vulnerability Reserved
Jan 2, 2014