Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

cisco secure access control server 3.2.1 vulnerabilities and exploits

(subscribe to this query)
10
CVSSv2
CVE-2006-4098
Stack-based buffer overflow in the CSRadius service in Cisco Secure Access Control Server (ACS) for Windows prior to 4.1 and ACS Solution Engine prior to 4.1 allows remote malicious users to execute arbitrary code via a crafted RADIUS Accounting-Request packet.
Cisco Secure Access Control Server 3.0Cisco Secure Access Control Server 3.1Cisco Secure Access Control Server 3.2.2Cisco Secure Access Control Server 3.3Cisco Secure Access Control Server 3.2\\(1.20\\)Cisco Secure Access Control Server 3.2\\(2\\)Cisco Secure Access Control Server 4.0Cisco Secure Access Control Server 4.0.1Cisco Secure Access Control Server 3.2\\(3\\)Cisco Secure Access Control Server 3.2.1Cisco Secure Access Control Server 3.2Cisco Secure Access Control Server 3.2\\(1\\)Cisco Secure Access Control Server 3.3\\(1\\)Cisco Secure Access Control Server 3.3.1Cisco Secure Access Control Server 3.3.2
5
CVSSv2
CVE-2005-0356
Multiple TCP implementations with Protection Against Wrapped Sequence Numbers (PAWS) with the timestamps option enabled allow remote malicious users to cause a denial of service (connection loss) via a spoofed packet with a large timer value, which causes the host to discard late...
Cisco Interactive Voice ResponseCisco Ip Contact Center EnterpriseCisco Personal Assistant 1.4\\(2\\)Cisco Emergency Responder 1.1Cisco Intelligent Contact Manager 5.0Cisco Personal Assistant 1.3\\(3\\)Cisco Personal Assistant 1.3\\(4\\)Cisco Personal Assistant 1.4\\(1\\)Cisco Secure Access Control Server 2.3Cisco Secure Access Control Server 2.6Cisco Secure Access Control Server 3.0Cisco Secure Access Control Server 3.2\\(1.20\\)Cisco Secure Access Control Server 3.2\\(2\\)Cisco Agent DesktopCisco E-mail ManagerCisco Personal Assistant 1.3\\(1\\)Cisco Personal Assistant 1.3\\(2\\)Cisco Secure Access Control Server 2.3.5.1Cisco Secure Access Control Server 2.3.6.1Cisco Secure Access Control Server 2.6.3Cisco Secure Access Control Server 2.6.4Cisco Secure Access Control Server 3.1.1
7.5
CVSSv2
CVE-2015-6420
Serialized-object interfaces in certain Cisco Collaboration and Social Media; Endpoint Clients and Client Software; Network Application, Service, and Acceleration; Network and Content Security Devices; Network Management and Provisioning; Routing and Switching - Enterprise and Se...
Apache Commons CollectionsApache Commons Collections 4.0
7.5
CVSSv2
CVE-2005-4499
The Downloadable RADIUS ACLs feature in Cisco PIX and VPN 3000 concentrators, when creating an ACL on the Cisco Secure Access Control Server (CS ACS), generates a random internal name for an ACL that is also used as a hidden user name and password, which allows remote malicious u...
Cisco Vpn 3001 ConcentratorCisco Vpn 3015 ConcentratorCisco Vpn 3020 ConcentratorCisco Vpn 3030 ConcentatorCisco Vpn 3060 ConcentratorCisco Vpn 3080 ConcentratorCisco Adaptive Security Appliance Software 7.0Cisco Adaptive Security Appliance Software 7.0\\(4\\)Cisco Adaptive Security Appliance Software 7.0.1.4Cisco Adaptive Security Appliance Software 7.0.4.3Cisco Vpn 3000 Concentrator Series Software 2.0Cisco Vpn 3000 Concentrator Series Software 2.5.2.aCisco Vpn 3000 Concentrator Series Software 2.5.2.bCisco Vpn 3000 Concentrator Series Software 2.5.2.cCisco Vpn 3000 Concentrator Series Software 2.5.2.dCisco Vpn 3000 Concentrator Series Software 2.5.2.fCisco Vpn 3000 Concentrator Series Software 3.0Cisco Vpn 3000 Concentrator Series Software 3.0.3.aCisco Vpn 3000 Concentrator Series Software 3.0.3.bCisco Vpn 3000 Concentrator Series Software 3.0.4Cisco Vpn 3000 Concentrator Series Software 3.1Cisco Vpn 3000 Concentrator Series Software 3.1\\(rel\\)
5.8
CVSSv2
CVE-2021-3450
The X509_V_FLAG_X509_STRICT flag enables additional security checks of the certificates present in a certificate chain. It is not set by default. Starting from OpenSSL version 1.1.1h a check to disallow certificates in the chain that have explicitly encoded elliptic curve paramet...
Openssl OpensslFreebsd Freebsd 12.2Netapp Santricity Smi-s Provider Firmware -Netapp Storagegrid Firmware -Windriver Linux -Windriver Linux 18.0Windriver Linux 19.0Windriver Linux 17.0Netapp Oncommand Workflow Automation -Netapp Storagegrid -Netapp Ontap Select Deploy Administration Utility -Netapp Cloud Volumes Ontap Mediator -Fedoraproject Fedora 34Tenable Nessus AgentTenable NessusTenable Nessus Network Monitor 5.11.1Tenable Nessus Network Monitor 5.12.0Tenable Nessus Network Monitor 5.12.1Tenable Nessus Network Monitor 5.13.0Tenable Nessus Network Monitor 5.11.0Oracle Jd Edwards World Security A9.4Oracle Weblogic Server 12.2.1.4.0
9.3
CVSSv2
CVE-2021-44228
Apache Log4j2 2.0-beta9 up to and including 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can contr...
Apache Log4j 2.0Apache Log4jSiemens Sppa-t3000 Ses3000 FirmwareSiemens Logo\\! Soft ComfortSiemens Spectrum Power 4 4.70Siemens Spectrum Power 4Siemens Siveillance Control ProSiemens Energyip Prepay 3.7Siemens Energyip Prepay 3.8Siemens Siveillance Identity 1.6Siemens Siveillance Identity 1.5Siemens Siveillance CommandSiemens Sipass Integrated 2.85Siemens Sipass Integrated 2.80Siemens Head-end System Universal Device Integration SystemSiemens Gma-managerSiemens Energyip 8.5Siemens Energyip 8.6Siemens Energyip 8.7Siemens Energyip 9.0Siemens Energy Engage 3.1Siemens E-car Operation Center
4.3
CVSSv2
CVE-2021-3449
An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signature_algorithms extension (where it was present in the initial ClientHello), but includes a signature_algorithms_ce...
Openssl OpensslDebian Debian Linux 9.0Debian Debian Linux 10.0Freebsd Freebsd 12.2Netapp Santricity Smi-s Provider -Netapp Snapcenter -Netapp Oncommand Workflow Automation -Netapp Storagegrid -Netapp Oncommand Insight -Netapp Ontap Select Deploy Administration Utility -Netapp Active Iq Unified Manager -Netapp Cloud Volumes Ontap Mediator -Netapp E-series Performance Analyzer -Tenable Tenable.scTenable NessusTenable Nessus Network Monitor 5.11.1Tenable Nessus Network Monitor 5.12.0Tenable Nessus Network Monitor 5.12.1Tenable Nessus Network Monitor 5.13.0Tenable Nessus Network Monitor 5.11.0Tenable Log Correlation EngineFedoraproject Fedora 34
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48654CVE-2024-2757authentication bypassCVE-2024-3194CVE-2024-33640CVE-2024-21111dosinsecure direct object referenceCVE-2024-21345
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook