Vigil@nce - Cisco Secure ACS: privilege escalation via Dashboard/Portlet
December 2015 by Vigil@nce
This bulletin was written by Vigil@nce: http://vigilance.fr/offer
SYNTHESIS OF THE VULNERABILITY
An attacker can bypass restrictions in the Dashboard/Portlet feature
of Cisco Secure ACS in order to escalate their privileges.
Impacted products: Secure ACS.
Severity: 2/4.
Creation date: 26/10/2015.
DESCRIPTION OF THE VULNERABILITY
The Cisco Secure ACS product uses RBAC (role-based access control).
However, the RBAC rules allow the creation of a Dashboard or Portlet.
An authenticated attacker can therefore create a Dashboard/Portlet
on Cisco Secure ACS in order to escalate their privileges.
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
http://vigilance.fr/vulnerability/Cisco-Secure-ACS-privilege-escalation-via-Dashboard-Portlet-18183