CVE-2013-3380

Cisco Secure Access Control Server Solution Engine - Authenticated Sensitive Information Exposure via Report View Page

Title source: llm
STIX 2.1

Description

The administrative web interface in the Access Control Server in Cisco Secure Access Control System (ACS) does not properly restrict the report view page, which allows remote authenticated users to obtain sensitive information via a direct request, aka Bug ID CSCue79279.

References (1)

Core 1
Core References

Scores

EPSS 0.0133
EPSS Percentile 67.7%

Details

CWE
CWE-200
Status published
Products (1)
cisco/secure_access_control_server_solution_engine
Published Jun 12, 2013
Tracked Since Feb 18, 2026