CVE-2014-2130 Information

Description

Cisco Secure Access Control Server (ACS) provides an unintentional administration web interface based on Apache Tomcat which allows remote authenticated users to modify application files and configuration files and consequently execute arbitrary code by leveraging administrative privileges aka Bug ID CSCuj83189.

Reference

http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-2130 http://www.securitytracker.com/id/1031844