CVE-2015-6348

Currently unrated

Key Information:

Vendor: Cisco
Status: Secure Access Control Server
Vendor: CVE Published:; 30 October 2015

Summary

The report-generation web interface in the Solution Engine in Cisco Secure Access Control Server (ACS) 5.7(0.15) allows remote authenticated users to bypass intended RBAC restrictions, and read report or status information, by visiting an unspecified web page.

References

http://www.securitytracker.com/id/1033970

vdb-entryx_refsource_SECTRACK

http://tools.cisco.com/security/center/content/CiscoSecur...

vendor-advisoryx_refsource_CISCO

Timeline

Vulnerability published
Oct 30, 2015
Vulnerability Reserved
Aug 17, 2015