Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cisco secure access control server vulnerabilities and exploits
(subscribe to this query)
4
CVSSv2
CVE-2015-6300
Cisco Secure Access Control Server (ACS) Solution Engine 5.7(0.15) allows remote authenticated users to cause a denial of service (SSH screen process crash) via crafted (1) CLI or (2) GUI commands, aka Bug ID CSCuw24694.
Cisco Secure Access Control Server 5.7.0.15
4.3
CVSSv2
CVE-2006-3101
Cross-site scripting (XSS) vulnerability in LogonProxy.cgi in Cisco Secure ACS for UNIX 2.3 allows remote malicious users to inject arbitrary web script or HTML via the (1) error, (2) SSL, and (3) Ok parameters.
Cisco Secure Access Control Server 2.3
1 EDB exploit
6.8
CVSSv2
CVE-2011-3293
Multiple cross-site request forgery (CSRF) vulnerabilities in the Solution Engine in Cisco Secure Access Control Server (ACS) 5.2 allow remote malicious users to hijack the authentication of administrators for requests that insert cross-site scripting (XSS) sequences, aka Bug ID ...
Cisco Secure Access Control Server 5.2
4.3
CVSSv2
CVE-2011-3317
Multiple cross-site scripting (XSS) vulnerabilities in the Solution Engine in Cisco Secure Access Control Server (ACS) 5.2 allow remote malicious users to inject arbitrary web script or HTML via unspecified vectors, aka Bug ID CSCtr78192.
Cisco Secure Access Control Server 5.2
6.5
CVSSv2
CVE-2014-8027
The RBAC component in Cisco Secure Access Control System (ACS) allows remote authenticated users to obtain Network Device Administrator privileges for Create, Delete, Read, and Update operations via crafted HTTP requests, aka Bug ID CSCuq79034.
Cisco Secure Access Control System -
4.3
CVSSv2
CVE-2015-0729
Cross-site scripting (XSS) vulnerability in Cisco Secure Access Control Server Solution Engine (ACSE) 5.5(0.1) allows remote malicious users to inject arbitrary web script or HTML via a file-inclusion attack, aka Bug ID CSCuu11005.
Cisco Secure Access Control Server 5.5\\(0.1\\)
4
CVSSv2
CVE-2013-3380
The administrative web interface in the Access Control Server in Cisco Secure Access Control System (ACS) does not properly restrict the report view page, which allows remote authenticated users to obtain sensitive information via a direct request, aka Bug ID CSCue79279.
Cisco Secure Access Control Server Solution Engine -
4.3
CVSSv2
CVE-2015-6346
Cross-site scripting (XSS) vulnerability in Cisco Secure Access Control Server (ACS) 5.7(0.15) allows remote malicious users to inject arbitrary web script or HTML via a crafted URL.
Cisco Secure Access Control Server 5.7.0.15
6.5
CVSSv2
CVE-2014-2130
Cisco Secure Access Control Server (ACS) provides an unintentional administration web interface based on Apache Tomcat, which allows remote authenticated users to modify application files and configuration files, and consequently execute arbitrary code, by leveraging administrati...
Cisco Secure Access Control System -
7.5
CVSSv2
CVE-2002-0241
NDSAuth.DLL in Cisco Secure Authentication Control Server (ACS) 3.0.1 does not check the Expired or Disabled state of users in the Novell Directory Services (NDS), which could allow those users to authenticate to the server.
Cisco Secure Access Control Server 3.0.1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4651
CVE-2024-34255
elevation of privilege
CVE-2024-25529
CVE-2024-4671
NULL pointer dereference
CVE-2024-25527
template injection
CVE-2008-0166
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »