Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
secure access control system vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2014-8028
Multiple cross-site scripting (XSS) vulnerabilities in the web framework in Cisco Secure Access Control System (ACS) allow remote malicious users to inject arbitrary web script or HTML via unspecified parameters, aka Bug ID CSCuq79019.
Cisco Secure Access Control System -
356
VMScore
CVE-2015-4219
Cisco Secure Access Control System prior to 5.4(0.46.2) and 5.5 prior to 5.5(0.46) and Cisco Identity Services Engine 1.0(4.573) do not properly implement access control for support bundles, which allows remote authenticated users to obtain sensitive information via brute-force a...
Cisco Secure Access Control System
Cisco Secure Access Control System 5.3.0.40.5
Cisco Identity Services Engine Software 1.0.4.573
578
VMScore
CVE-2014-8027
The RBAC component in Cisco Secure Access Control System (ACS) allows remote authenticated users to obtain Network Device Administrator privileges for Create, Delete, Read, and Update operations via crafted HTTP requests, aka Bug ID CSCuq79034.
Cisco Secure Access Control System -
694
VMScore
CVE-2006-4097
Multiple unspecified vulnerabilities in the CSRadius service in Cisco Secure Access Control Server (ACS) for Windows prior to 4.1 and ACS Solution Engine prior to 4.1 allow remote malicious users to cause a denial of service (crash) via a crafted RADIUS Access-Request packet. NOT...
Cisco Secure Access Control Server 4.1
Cisco Secure Access Control Server
516
VMScore
CVE-2014-8029
Open redirect vulnerability in the web interface in Cisco Secure Access Control System (ACS) allows remote malicious users to redirect users to arbitrary web sites and conduct phishing attacks via an unspecified parameter, aka Bug ID CSCuq74150.
Cisco Secure Access Control System -
445
VMScore
CVE-2017-12354
A vulnerability in the web-based interface of Cisco Secure Access Control System (ACS) could allow an unauthenticated, remote malicious user to view sensitive information on an affected system. The vulnerability exists because the affected software does not sufficiently protect s...
Cisco Secure Access Control System 5.8\\(0.32\\)
383
VMScore
CVE-2015-6349
Cross-site scripting (XSS) vulnerability in the web interface in the Solution Engine in Cisco Secure Access Control Server (ACS) 5.7(0.15) allows remote malicious users to inject arbitrary web script or HTML via a crafted URL.
Cisco Secure Access Control Server 5.7.0.15
578
VMScore
CVE-2015-6345
SQL injection vulnerability in the Solution Engine in Cisco Secure Access Control Server (ACS) 5.7(0.15) allows remote authenticated users to execute arbitrary SQL commands via a crafted URL, aka Bug ID CSCuw24700.
Cisco Secure Access Control Server 5.7.0.15
356
VMScore
CVE-2015-6347
The Solution Engine in Cisco Secure Access Control Server (ACS) 5.7(0.15) allows remote authenticated users to bypass intended RBAC restrictions, and create a dashboard or portlet, by visiting an unspecified web page.
Cisco Secure Access Control Server 5.7.0.15
356
VMScore
CVE-2015-6348
The report-generation web interface in the Solution Engine in Cisco Secure Access Control Server (ACS) 5.7(0.15) allows remote authenticated users to bypass intended RBAC restrictions, and read report or status information, by visiting an unspecified web page.
Cisco Secure Access Control Server 5.7.0.15
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »