Unrated severityNVD Advisory· Published Jan 16, 2014· Updated Apr 29, 2026
CVE-2014-0649
CVE-2014-0649
Description
The RMI interface in Cisco Secure Access Control System (ACS) 5.x before 5.5 does not properly enforce authorization requirements, which allows remote authenticated users to obtain superadmin access via a request to this interface, aka Bug ID CSCud75180.
Affected products
26cpe:2.3:a:cisco:secure_access_control_system:5.4.0.46.1:*:*:*:*:*:*:*+ 25 more
- cpe:2.3:a:cisco:secure_access_control_system:5.4.0.46.1:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:secure_access_control_system:5.4.0.46.2:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:secure_access_control_system:5.4.0.46.3:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:secure_access_control_system:5.4.0.46.4:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:secure_access_control_system:5.4.0.46.5:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:secure_access_control_system:*:*:*:*:*:*:*:*range: <=5.4.0.46.6
- cpe:2.3:a:cisco:secure_access_control_system:5.1:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:secure_access_control_system:5.1.0.44:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:secure_access_control_system:5.1.0.44.1:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:secure_access_control_system:5.1.0.44.2:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:secure_access_control_system:5.1.0.44.3:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:secure_access_control_system:5.1.0.44.4:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:secure_access_control_system:5.1.0.44.5:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:secure_access_control_system:5.2:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:secure_access_control_system:5.2.0.26:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:secure_access_control_system:5.2.0.26.1:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:secure_access_control_system:5.2.0.26.2:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:secure_access_control_system:5.3.0.40.1:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:secure_access_control_system:5.3.0.40.2:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:secure_access_control_system:5.3.0.40.3:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:secure_access_control_system:5.3.0.40.4:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:secure_access_control_system:5.3.0.40.5:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:secure_access_control_system:5.3.0.40.6:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:secure_access_control_system:5.3.0.40.7:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:secure_access_control_system:5.3.0.40.8:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:secure_access_control_system:5.3.0.40.9:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
7- tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140115-csacsnvdVendor Advisory
- tools.cisco.com/security/center/viewAlert.xnvdVendor Advisory
- www.securityfocus.com/bid/64958nvdThird Party AdvisoryVDB Entry
- www.securitytracker.com/id/1029634nvdThird Party AdvisoryVDB Entry
- osvdb.org/102116nvd
- secunia.com/advisories/56213nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/90430nvd
News mentions
0No linked articles in our index yet.