CVE-2014-0648

critical Cisco
CVSS v3 Base Score
10.0
AV:N/AC:L/Au:N/C:C/I:C/A:C
EPSS Score
7.8%
Exploitation probability in 30 days
Top 8% most likely to be exploited
Attack Characteristics
Attack Vector
Network
Attack Complexity
Low
Confidentiality
C
Integrity
C
Availability
C
Published: January 16, 2014 (4500 days ago)
Last Modified: April 29, 2026
Vendor: Cisco
Source: NVD

Description

The RMI interface in Cisco Secure Access Control System (ACS) 5.x before 5.5 does not properly enforce authentication and authorization requirements, which allows remote attackers to obtain administrative access via a request to this interface, aka Bug ID CSCud75187.

CWE

CWE-264

Affected Products

cisco secure access control system

References

🔗 osvdb.org 🔗 secunia.com 🔗 tools.cisco.com 🔗 tools.cisco.com 🔗 www.securityfocus.com