cvedb.io
CVE-2016-1297
HIGH · CVSS 8.8
EPSS exploitation probability: 0%
Published 2016-02-26T05:59:00.130 · Last modified 2026-06-17T00:41:40.173

Summary

The Device Manager GUI in Cisco Application Control Engine (ACE) 4710 A5 before A5(3.1) allows remote authenticated users to bypass intended RBAC restrictions and execute arbitrary CLI commands with admin privileges via an unspecified parameter in a POST request, aka Bug ID CSCul84801.

Affected products

cisco — application_control_engine_software

Does this affect you?

Add your gear to cvedb and we'll alert you only when cisco ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.