CVE-2013-3380

The administrative web interface in the Access Control Server in Cisco Secure Access Control System (ACS) does not properly restrict the report view page, which allows remote authenticated users to obtain sensitive information via a direct request, aka Bug ID CSCue79279.

Severity	MEDIUM
CVSS	4.0
CWE	CWE-200
KEV
Published	12 years ago
Modified	2 weeks ago

Related Products

Product	Advisory	Evidence
Cisco Secure Access Control System (ACS)	Cisco-SA-20130611-CVE-2013-3380	Cisco OpenVuln