Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
secure access control server vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2011-3293
Multiple cross-site request forgery (CSRF) vulnerabilities in the Solution Engine in Cisco Secure Access Control Server (ACS) 5.2 allow remote malicious users to hijack the authentication of administrators for requests that insert cross-site scripting (XSS) sequences, aka Bug ID ...
Cisco Secure Access Control Server 5.2
4.3
CVSSv2
CVE-2011-3317
Multiple cross-site scripting (XSS) vulnerabilities in the Solution Engine in Cisco Secure Access Control Server (ACS) 5.2 allow remote malicious users to inject arbitrary web script or HTML via unspecified vectors, aka Bug ID CSCtr78192.
Cisco Secure Access Control Server 5.2
4.3
CVSSv2
CVE-2006-3101
Cross-site scripting (XSS) vulnerability in LogonProxy.cgi in Cisco Secure ACS for UNIX 2.3 allows remote malicious users to inject arbitrary web script or HTML via the (1) error, (2) SSL, and (3) Ok parameters.
Cisco Secure Access Control Server 2.3
1 EDB exploit
4
CVSSv2
CVE-2015-6300
Cisco Secure Access Control Server (ACS) Solution Engine 5.7(0.15) allows remote authenticated users to cause a denial of service (SSH screen process crash) via crafted (1) CLI or (2) GUI commands, aka Bug ID CSCuw24694.
Cisco Secure Access Control Server 5.7.0.15
6.5
CVSSv2
CVE-2014-8027
The RBAC component in Cisco Secure Access Control System (ACS) allows remote authenticated users to obtain Network Device Administrator privileges for Create, Delete, Read, and Update operations via crafted HTTP requests, aka Bug ID CSCuq79034.
Cisco Secure Access Control System -
4
CVSSv2
CVE-2013-3380
The administrative web interface in the Access Control Server in Cisco Secure Access Control System (ACS) does not properly restrict the report view page, which allows remote authenticated users to obtain sensitive information via a direct request, aka Bug ID CSCue79279.
Cisco Secure Access Control Server Solution Engine -
4.3
CVSSv2
CVE-2015-0729
Cross-site scripting (XSS) vulnerability in Cisco Secure Access Control Server Solution Engine (ACSE) 5.5(0.1) allows remote malicious users to inject arbitrary web script or HTML via a file-inclusion attack, aka Bug ID CSCuu11005.
Cisco Secure Access Control Server 5.5\\(0.1\\)
4.3
CVSSv2
CVE-2014-3820
Cross-site scripting (XSS) vulnerability in the SSL VPN/UAC web server in the Juniper Junos Pulse Secure Access Service (SSL VPN) devices with IVE OS 7.1 prior to 7.1r16, 7.4 prior to 7.4r3, and 8.0 prior to 8.0r1 and the Juniper Junos Pulse Access Control Service devices with UA...
Juniper Junos Pulse Secure Access Service 7.1r4
Juniper Junos Pulse Secure Access Service 7.1r6
Juniper Junos Pulse Secure Access Service 7.1r13
Juniper Junos Pulse Secure Access Service 7.1r15
Juniper Junos Pulse Access Control Service 4.1
Juniper Junos Pulse Access Control Service 4.1r1.1
Juniper Junos Pulse Access Control Service 4.1r3
Juniper Junos Pulse Access Control Service 4.4
Juniper Junos Pulse Secure Access Service 7.1
Juniper Junos Pulse Secure Access Service 7.1r1
Juniper Junos Pulse Secure Access Service 7.1r1.1
Juniper Junos Pulse Secure Access Service 7.1r2
Juniper Junos Pulse Secure Access Service 7.1r3
Juniper Junos Pulse Secure Access Service 7.4
Juniper Junos Pulse Secure Access Service 8.0
Juniper Junos Pulse Secure Access Service 7.1r8
Juniper Junos Pulse Secure Access Service 7.1r9
Juniper Junos Pulse Secure Access Service 7.1r10
Juniper Junos Pulse Secure Access Service 7.1r11
Juniper Junos Pulse Access Control Service 4.1r4
Juniper Junos Pulse Access Control Service 4.1r5
Juniper Junos Pulse Secure Access Service 7.1r5
4.3
CVSSv2
CVE-2013-3970
Juniper Junos Pulse Secure Access Service (aka SSL VPN) with IVE OS 7.0r2 up to and including 7.0r8 and 7.1r1 up to and including 7.1r5 and Junos Pulse Access Control Service (aka UAC) with UAC OS 4.1r1 up to and including 4.1r5 include a test Certification Authority (CA) certifi...
Juniper Junos Pulse Secure Access Service 7.0r2
Juniper Junos Pulse Secure Access Service 7.0r3
Juniper Junos Pulse Secure Access Service 7.0r4
Juniper Junos Pulse Secure Access Service 7.0r8
Juniper Junos Pulse Secure Access Service 7.1r1
Juniper Junos Pulse Secure Access Service 7.1r1.1
Juniper Junos Pulse Secure Access Service 7.1r2
Juniper Junos Pulse Secure Access Service 7.0r5.1
Juniper Junos Pulse Secure Access Service 7.0r7
Juniper Junos Pulse Secure Access Service 7.1r3
Juniper Junos Pulse Secure Access Service 7.1r5
Juniper Junos Pulse Secure Access Service 7.0r5
Juniper Junos Pulse Secure Access Service 7.0r6
Juniper Junos Pulse Secure Access Service 7.1r4
Juniper Junos Pulse Access Control Service 4.1r1.1
Juniper Junos Pulse Access Control Service 4.1r2
Juniper Junos Pulse Access Control Service 4.1r3
Juniper Junos Pulse Access Control Service 4.1r4
Juniper Junos Pulse Access Control Service 4.1r1
Juniper Junos Pulse Access Control Service 4.1r5
4.3
CVSSv2
CVE-2015-6346
Cross-site scripting (XSS) vulnerability in Cisco Secure Access Control Server (ACS) 5.7(0.15) allows remote malicious users to inject arbitrary web script or HTML via a crafted URL.
Cisco Secure Access Control Server 5.7.0.15
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-24955
man-in-the-middle
dos
CVE-2024-2818
CVE-2024-30584
CVE-2024-31134
camera
CVE-2023-45866
CVE-2024-30585
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »