Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
secure access control system vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2007-0105
Stack-based buffer overflow in the CSAdmin service in Cisco Secure Access Control Server (ACS) for Windows prior to 4.1 and ACS Solution Engine prior to 4.1 allows remote malicious users to execute arbitrary code via a crafted HTTP GET request.
Cisco Secure Access Control Server
4
CVSSv2
CVE-2013-3380
The administrative web interface in the Access Control Server in Cisco Secure Access Control System (ACS) does not properly restrict the report view page, which allows remote authenticated users to obtain sensitive information via a direct request, aka Bug ID CSCue79279.
Cisco Secure Access Control Server Solution Engine -
4.3
CVSSv2
CVE-2015-6346
Cross-site scripting (XSS) vulnerability in Cisco Secure Access Control Server (ACS) 5.7(0.15) allows remote malicious users to inject arbitrary web script or HTML via a crafted URL.
Cisco Secure Access Control Server 5.7.0.15
4.3
CVSSv2
CVE-2014-0668
Cross-site scripting (XSS) vulnerability in the portal in Cisco Secure Access Control System (ACS) allows remote malicious users to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCue65949.
Cisco Secure Access Control System -
5
CVSSv2
CVE-2011-0951
The web-based management interface in Cisco Secure Access Control System (ACS) 5.1 prior to 5.1.0.44.6 and 5.2 prior to 5.2.0.26.3 allows remote malicious users to change arbitrary user passwords via unspecified vectors, aka Bug ID CSCtl77440.
Cisco Secure Access Control System 5.1.0.44.1
Cisco Secure Access Control System 5.1.0.44.2
Cisco Secure Access Control System 5.2.0.26.2
Cisco Secure Access Control System 5.1.0.44.3
Cisco Secure Access Control System 5.1.0.44.4
Cisco Secure Access Control System 5.1
Cisco Secure Access Control System 5.1.0.44
Cisco Secure Access Control System 5.2.0.26
Cisco Secure Access Control System 5.2.0.26.1
Cisco Secure Access Control System 5.1.0.44.5
Cisco Secure Access Control System 5.2
5.5
CVSSv2
CVE-2014-0678
The portal interface in Cisco Secure Access Control System (ACS) does not properly manage sessions, which allows remote authenticated users to hijack sessions and gain privileges via unspecified vectors, aka Bug ID CSCue65951.
Cisco Secure Access Control System -
3.5
CVSSv2
CVE-2018-0414
A vulnerability in the web-based UI of Cisco Secure Access Control Server could allow an authenticated, remote malicious user to gain read access to certain information in an affected system. The vulnerability is due to improper handling of XML External Entities (XXEs) when parsi...
Cisco Secure Access Control Server Solution Engine 5.8
Cisco Secure Access Control Server Solution Engine
5
CVSSv2
CVE-2013-5536
Cisco Secure Access Control System (ACS) does not properly implement an incoming-packet firewall rule, which allows remote malicious users to cause a denial of service (process crash) via a flood of crafted packets, aka Bug ID CSCui51521.
Cisco Secure Access Control System -
6.8
CVSSv2
CVE-2013-1196
The command-line interface in Cisco Secure Access Control System (ACS), Identity Services Engine Software, Context Directory Agent, Application Networking Manager (ANM), Prime Network Control System, Prime LAN Management Solution (LMS), Prime Collaboration, Unified Provisioning M...
Cisco Context Directory Agent -
Cisco Prime Network Control System -
Cisco Prime Data Center Network Manager -
Cisco Secure Access Control System -
Cisco Prime Lan Management Solution -
Cisco Prime Collaboration -
Cisco Unified Provisioning Manager -
Cisco Network Services Manager -
Cisco Identity Services Engine Software -
Cisco Application Networking Manager -
Cisco Quad -
4
CVSSv2
CVE-2013-6695
The RBAC implementation in Cisco Secure Access Control System (ACS) does not properly verify privileges for support-bundle downloads, which allows remote authenticated users to obtain sensitive information via a download action, as demonstrated by obtaining read access to the use...
Cisco Secure Access Control System -
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-26925
CVE-2023-41826
LFI
CVE-2022-22364
CVE-2024-2887
command injection
remote code execution
CVE-2024-34446
CVE-2022-48699
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »