Cisco Prime Infrastructure (PI) 1.4(0.45) and earlier, when AAA authentication is used, allows remote authenticated users to bypass intended access restrictions via a username with a modified composition of lowercase and uppercase characters, aka Bug ID CSum59958.
http://www.securitytracker.com/id/1033356
http://tools.cisco.com/security/center/viewAlert.x?alertId=40553