CVE-2016-1297

The Device Manager GUI in Cisco Application Control Engine (ACE) 4710 A5 before A5(3.1) allows remote authenticated users to bypass intended RBAC restrictions and execute arbitrary CLI commands with admin privileges via an unspecified parameter in a POST request, aka Bug ID CSCul84801.

Data: Cisco advisories · Cisco CSAF · NVD CVEs · NVD CPEs · CISA KEV · EPSS

Severity: HIGH
CVSS: 8.8
EPSS: 0.61% (EPSS medium)
CWE: CWE-78
KEV
Published
Modified

Products with public affected evidence

Product | Advisory | Affected evidence
Cisco ACE 4700 Series Application Control Engine Appliances | cisco-sa-20160224-ace | structured affected CSAF product_status