Vulnerabilities > CVE-2014-8029 - Open Redirection vulnerability in Cisco Secure Access Control Server

CVSS 5.8 - MEDIUM

Attack vector

NETWORK

Attack complexity

MEDIUM

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

NONE

network

cisco

NVD

Published: 2015-01-09

Updated: 2017-09-08

Summary

Open redirect vulnerability in the web interface in Cisco Secure Access Control System (ACS) allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via an unspecified parameter, aka Bug ID CSCuq74150. <a href="http://cwe.mitre.org/data/definitions/601.html">CWE-601: URL Redirection to Untrusted Site ('Open Redirect')</a>

Vulnerable Configurations

Part	Description	Count
Application	Cisco Cisco Secure Access Control System -	1

References

http://secunia.com/advisories/62159
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-8029
http://www.securityfocus.com/bid/71948
http://www.securitytracker.com/id/1031514
https://exchange.xforce.ibmcloud.com/vulnerabilities/100548