Privilege Escalation Vulnerability in Cisco Secure Access Control System
CVE-2014-8027

Currently unrated

Key Information:

Vendor: Cisco
Status: Secure Access Control System
Vendor: CVE Published:; 9 January 2015

Summary

A vulnerability exists in the RBAC component of Cisco Secure Access Control System that allows remote authenticated users to escalate their privileges. By sending specially crafted HTTP requests, users can gain Network Device Administrator privileges, enabling them to perform critical operations such as creating, deleting, reading, and updating configuration settings. This vulnerability poses a significant risk to network integrity and requires prompt remediation to secure affected systems.

References

http://www.securityfocus.com/bid/71944

vdb-entryx_refsource_BID

http://tools.cisco.com/security/center/content/CiscoSecur...

vendor-advisoryx_refsource_CISCO

https://exchange.xforce.ibmcloud.com/vulnerabilities/100558

vdb-entryx_refsource_XF

Timeline

Vulnerability published
Jan 9, 2015
Vulnerability Reserved
Oct 8, 2014