Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
secure access control server vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2014-2130
Cisco Secure Access Control Server (ACS) provides an unintentional administration web interface based on Apache Tomcat, which allows remote authenticated users to modify application files and configuration files, and consequently execute arbitrary code, by leveraging administrati...
Cisco Secure Access Control System -
NA
CVE-2004-1458
The CSAdmin web administration interface for Cisco Secure Access Control Server (ACS) 3.2(2) build 15 allows remote malicious users to cause a denial of service (hang) via a flood of TCP connections to port 2002.
Cisco Secure Access Control Server 3.2
Cisco Secure Access Control Server 3.3
Cisco Secure Access Control Server 3.2\\(3\\)
Cisco Secure Access Control Server 3.0
Cisco Secure Access Control Server 3.1
Cisco Secure Access Control Server 3.3\\(1\\)
Cisco Secure Acs Solution Engine
Cisco Secure Access Control Server 3.2\\(1\\)
Cisco Secure Access Control Server 3.2\\(2\\)
NA
CVE-2004-1460
Cisco Secure Access Control Server (ACS) 3.2(3) and previous versions, when configured with an anonymous bind in Novell Directory Services (NDS) and authenticating NDS users with NDS, allows remote malicious users to gain unauthorized access to AAA clients via a blank password.
Cisco Secure Access Control Server 3.0
Cisco Secure Access Control Server 3.1
Cisco Secure Access Control Server 3.2
Cisco Secure Acs Solution Engine
Cisco Secure Access Control Server 3.3
Cisco Secure Access Control Server 3.3\\(1\\)
Cisco Secure Access Control Server 3.2\\(1\\)
Cisco Secure Access Control Server 3.2\\(2\\)
Cisco Secure Access Control Server 3.2\\(3\\)
NA
CVE-2004-1461
Cisco Secure Access Control Server (ACS) 3.2(3) and previous versions spawns a separate unauthenticated TCP connection on a random port when a user authenticates to the ACS GUI, which allows remote malicious users to bypass authentication by connecting to that port from the same ...
Cisco Secure Access Control Server 3.2
Cisco Secure Access Control Server 3.3
Cisco Secure Access Control Server 3.2\\(2\\)
Cisco Secure Access Control Server 3.2\\(3\\)
Cisco Secure Access Control Server 3.0
Cisco Secure Access Control Server 3.1
Cisco Secure Access Control Server 3.3\\(1\\)
Cisco Secure Acs Solution Engine
Cisco Secure Access Control Server 3.2\\(1\\)
NA
CVE-2002-0241
NDSAuth.DLL in Cisco Secure Authentication Control Server (ACS) 3.0.1 does not check the Expired or Disabled state of users in the Novell Directory Services (NDS), which could allow those users to authenticate to the server.
Cisco Secure Access Control Server 3.0.1
NA
CVE-2015-0728
Cross-site scripting (XSS) vulnerability in Cisco Access Control Server (ACS) 5.5(0.1) allows remote malicious users to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCuu11002.
Cisco Secure Access Control System 5.5\\(0.1\\)
5.7
CVSSv3
CVE-2018-0414
A vulnerability in the web-based UI of Cisco Secure Access Control Server could allow an authenticated, remote malicious user to gain read access to certain information in an affected system. The vulnerability is due to improper handling of XML External Entities (XXEs) when parsi...
Cisco Secure Access Control Server Solution Engine 5.8
Cisco Secure Access Control Server Solution Engine
NA
CVE-2014-8029
Open redirect vulnerability in the web interface in Cisco Secure Access Control System (ACS) allows remote malicious users to redirect users to arbitrary web sites and conduct phishing attacks via an unspecified parameter, aka Bug ID CSCuq74150.
Cisco Secure Access Control System -
NA
CVE-2005-0356
Multiple TCP implementations with Protection Against Wrapped Sequence Numbers (PAWS) with the timestamps option enabled allow remote malicious users to cause a denial of service (connection loss) via a spoofed packet with a large timer value, which causes the host to discard late...
Cisco Interactive Voice Response
Cisco Ip Contact Center Enterprise
Cisco Personal Assistant 1.4\\(2\\)
Cisco Emergency Responder 1.1
Cisco Intelligent Contact Manager 5.0
Cisco Personal Assistant 1.3\\(3\\)
Cisco Personal Assistant 1.3\\(4\\)
Cisco Personal Assistant 1.4\\(1\\)
Cisco Secure Access Control Server 2.3
Cisco Secure Access Control Server 2.6
Cisco Secure Access Control Server 3.0
Cisco Secure Access Control Server 3.2\\(1.20\\)
Cisco Secure Access Control Server 3.2\\(2\\)
Cisco Agent Desktop
Cisco E-mail Manager
Cisco Personal Assistant 1.3\\(1\\)
Cisco Personal Assistant 1.3\\(2\\)
Cisco Secure Access Control Server 2.3.5.1
Cisco Secure Access Control Server 2.3.6.1
Cisco Secure Access Control Server 2.6.3
Cisco Secure Access Control Server 2.6.4
Cisco Secure Access Control Server 3.1.1
1 EDB exploit
3.3
CVSSv3
CVE-2018-0207
A vulnerability in the web-based user interface of the Cisco Secure Access Control Server before 5.8 patch 9 could allow an unauthenticated, remote malicious user to gain read access to certain information in the affected system. The vulnerability is due to improper handling of X...
Cisco Secure Access Control Server Solution Engine 5.8\\(0.8\\)
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2024-34413
CVE-2024-34089
CVE-2024-33408
local
SQL
CVE-2024-0402
CVE-2024-33910
CVE-2024-31848
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »