Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cisco secure acs vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2008-2441
Cisco Secure ACS 3.x prior to 3.3(4) Build 12 patch 7, 4.0.x, 4.1.x prior to 4.1(4) Build 13 Patch 11, and 4.2.x prior to 4.2(0) Build 124 Patch 4 does not properly handle an EAP Response packet in which the value of the length field exceeds the actual packet length, which allows...
Cisco Secure Access Control Server
Cisco Secure Acs
NA
CVE-2004-1099
Cisco Secure Access Control Server for Windows (ACS Windows) and Cisco Secure Access Control Server Solution Engine (ACS Solution Engine) 3.3.1, when the EAP-TLS protocol is enabled, does not properly handle expired or untrusted certificates, which allows remote malicious users t...
Cisco Secure Acs Solution Engine
Cisco Secure Access Control Server 3.3(1)
Cisco Secure Access Control Server 3.3.1
NA
CVE-2014-0668
Cross-site scripting (XSS) vulnerability in the portal in Cisco Secure Access Control System (ACS) allows remote malicious users to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCue65949.
Cisco Secure Access Control System -
NA
CVE-2015-6346
Cross-site scripting (XSS) vulnerability in Cisco Secure Access Control Server (ACS) 5.7(0.15) allows remote malicious users to inject arbitrary web script or HTML via a crafted URL.
Cisco Secure Access Control Server 5.7.0.15
NA
CVE-2014-0678
The portal interface in Cisco Secure Access Control System (ACS) does not properly manage sessions, which allows remote authenticated users to hijack sessions and gain privileges via unspecified vectors, aka Bug ID CSCue65951.
Cisco Secure Access Control System -
9.8
CVSSv3
CVE-2018-0253
A vulnerability in the ACS Report component of Cisco Secure Access Control System (ACS) could allow an unauthenticated, remote malicious user to execute arbitrary commands on an affected system. Commands executed by the attacker are processed at the targeted user's privilege...
Cisco Secure Access Control System 5.8(0.8)
Cisco Secure Access Control System
Cisco Secure Access Control System 5.8
1 Article
NA
CVE-2014-0650
The web interface in Cisco Secure Access Control System (ACS) 5.x prior to 5.4 Patch 3 allows remote malicious users to execute arbitrary operating-system commands via a request to this interface, aka Bug ID CSCue65962.
Cisco Secure Access Control System 5.3.0.40.1
Cisco Secure Access Control System 5.3.0.40.7
Cisco Secure Access Control System 5.3.0.40.9
Cisco Secure Access Control System 5.3.0.40.2
Cisco Secure Access Control System
Cisco Secure Access Control System 5.3.0.40.6
Cisco Secure Access Control System 5.3.0.40.5
Cisco Secure Access Control System 5.2
Cisco Secure Access Control System 5.2.0.26
Cisco Secure Access Control System 5.3.0.40.3
Cisco Secure Access Control System 5.1.0.44.2
Cisco Secure Access Control System 5.3.0.40.4
Cisco Secure Access Control System 5.3.0.40.8
Cisco Secure Access Control System 5.1.0.44
Cisco Secure Access Control System 5.1.0.44.5
Cisco Secure Access Control System 5.1.0.44.3
Cisco Secure Access Control System 5.1.0.44.1
Cisco Secure Access Control System 5.2.0.26.2
Cisco Secure Access Control System 5.1
Cisco Secure Access Control System 5.2.0.26.1
Cisco Secure Access Control System 5.4.0.46.1
Cisco Secure Access Control System 5.1.0.44.4
NA
CVE-2014-0648
The RMI interface in Cisco Secure Access Control System (ACS) 5.x prior to 5.5 does not properly enforce authentication and authorization requirements, which allows remote malicious users to obtain administrative access via a request to this interface, aka Bug ID CSCud75187.
Cisco Secure Access Control System 5.3.0.40.1
Cisco Secure Access Control System 5.3.0.40.7
Cisco Secure Access Control System 5.3.0.40.9
Cisco Secure Access Control System 5.3.0.40.2
Cisco Secure Access Control System 5.4.0.46.3
Cisco Secure Access Control System 5.4.0.46.2
Cisco Secure Access Control System 5.4.0.46.4
Cisco Secure Access Control System 5.3.0.40.6
Cisco Secure Access Control System 5.3.0.40.5
Cisco Secure Access Control System 5.2
Cisco Secure Access Control System 5.2.0.26
Cisco Secure Access Control System 5.3.0.40.3
Cisco Secure Access Control System 5.4.0.46.5
Cisco Secure Access Control System 5.1.0.44.2
Cisco Secure Access Control System 5.3.0.40.4
Cisco Secure Access Control System 5.3.0.40.8
Cisco Secure Access Control System 5.1.0.44
Cisco Secure Access Control System 5.1.0.44.5
Cisco Secure Access Control System 5.1.0.44.3
Cisco Secure Access Control System 5.1.0.44.1
Cisco Secure Access Control System
Cisco Secure Access Control System 5.2.0.26.2
NA
CVE-2014-0649
The RMI interface in Cisco Secure Access Control System (ACS) 5.x prior to 5.5 does not properly enforce authorization requirements, which allows remote authenticated users to obtain superadmin access via a request to this interface, aka Bug ID CSCud75180.
Cisco Secure Access Control System 5.3.0.40.1
Cisco Secure Access Control System 5.3.0.40.7
Cisco Secure Access Control System 5.3.0.40.9
Cisco Secure Access Control System 5.3.0.40.2
Cisco Secure Access Control System 5.4.0.46.3
Cisco Secure Access Control System 5.4.0.46.2
Cisco Secure Access Control System 5.4.0.46.4
Cisco Secure Access Control System 5.3.0.40.6
Cisco Secure Access Control System 5.3.0.40.5
Cisco Secure Access Control System 5.2
Cisco Secure Access Control System 5.2.0.26
Cisco Secure Access Control System 5.3.0.40.3
Cisco Secure Access Control System 5.4.0.46.5
Cisco Secure Access Control System 5.1.0.44.2
Cisco Secure Access Control System 5.3.0.40.4
Cisco Secure Access Control System 5.3.0.40.8
Cisco Secure Access Control System 5.1.0.44
Cisco Secure Access Control System 5.1.0.44.5
Cisco Secure Access Control System 5.1.0.44.3
Cisco Secure Access Control System 5.1.0.44.1
Cisco Secure Access Control System
Cisco Secure Access Control System 5.2.0.26.2
1 Article
9.8
CVSSv3
CVE-2018-0147
A vulnerability in Java deserialization used by Cisco Secure Access Control System (ACS) prior to release 5.8 patch 9 could allow an unauthenticated, remote malicious user to execute arbitrary commands on an affected device. The vulnerability is due to insecure deserialization of...
Cisco Secure Access Control System 5.2(0.3)
1 Article
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
IMAP
CVE-2024-36103
CVE-2024-28995
CVE-2024-37325
CVE-2024-30078
CVE-2024-30082
SQL injection
CVE-2024-30052
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »