Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The report-generation web interface in the Solution Engine in Cisco Secure Access Control Server (ACS) 5.7(0.15) allows remote authenticated users to bypass intended RBAC restrictions, and read report or status information, by visiting an unspecified web page.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Cisco Secure Access Control Server Solution Engine 权限许可和访问控制漏洞
Vulnerability Description
Cisco Secure Access Control Server(ACS)是美国思科(Cisco)公司的一款安全访问控制服务器。Solution Engine是其中的一个服务器引擎解决方案。 Cisco Secure ACS 5.7(0.15)版本的Solution Engine中的report-generation Web界面中存在安全漏洞,该漏洞源于程序没有正确执行RBAC验证。远程攻击者可通过访问受限制的Web页面利用该漏洞绕过既定的RBAC限制,读取报告或状态信息。
CVSS Information
N/A
Vulnerability Type
N/A