CVE-2014-8027
First published: Fri Jan 09 2015(Updated: )
The RBAC component in Cisco Secure Access Control System (ACS) allows remote authenticated users to obtain Network Device Administrator privileges for Create, Delete, Read, and Update operations via crafted HTTP requests, aka Bug ID CSCuq79034.
Credit: ykramarz@cisco.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cisco Secure Access Control Server |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2014-8027?
CVE-2014-8027 is rated as a high severity vulnerability due to its potential for privilege escalation.
How do I fix CVE-2014-8027?
To remediate CVE-2014-8027, update the Cisco Secure Access Control System to the latest version as recommended by Cisco.
Who is affected by CVE-2014-8027?
CVE-2014-8027 affects users of Cisco Secure Access Control System who have remote authenticated access.
What type of attack does CVE-2014-8027 facilitate?
CVE-2014-8027 facilitates privilege escalation attacks allowing unauthorized operations on network devices.
Can CVE-2014-8027 be exploited remotely?
Yes, CVE-2014-8027 can be exploited remotely by authenticated users through crafted HTTP requests.
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/severity
- agent/author
- agent/weakness
- agent/references
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/cisco
- canonical/cisco secure access control server