CVE-2013-3380
Cisco Secure Access Control Server Solution Engine - Authenticated Sensitive Information Exposure via Report View Page
Title source: llmDescription
The administrative web interface in the Access Control Server in Cisco Secure Access Control System (ACS) does not properly restrict the report view page, which allows remote authenticated users to obtain sensitive information via a direct request, aka Bug ID CSCue79279.
References (1)
Core 1
Core References
Vendor Advisory vendor-advisory
x_refsource_cisco
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-3380
Scores
EPSS
0.0133
EPSS Percentile
67.7%
Details
CWE
CWE-200
Status
published
Products (1)
cisco/secure_access_control_server_solution_engine
Published
Jun 12, 2013
Tracked Since
Feb 18, 2026