Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cisco secure access control system vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2007-0105
Stack-based buffer overflow in the CSAdmin service in Cisco Secure Access Control Server (ACS) for Windows prior to 4.1 and ACS Solution Engine prior to 4.1 allows remote malicious users to execute arbitrary code via a crafted HTTP GET request.
Cisco Secure Access Control Server
NA
CVE-2013-3380
The administrative web interface in the Access Control Server in Cisco Secure Access Control System (ACS) does not properly restrict the report view page, which allows remote authenticated users to obtain sensitive information via a direct request, aka Bug ID CSCue79279.
Cisco Secure Access Control Server Solution Engine -
NA
CVE-2015-6346
Cross-site scripting (XSS) vulnerability in Cisco Secure Access Control Server (ACS) 5.7(0.15) allows remote malicious users to inject arbitrary web script or HTML via a crafted URL.
Cisco Secure Access Control Server 5.7.0.15
NA
CVE-2014-0668
Cross-site scripting (XSS) vulnerability in the portal in Cisco Secure Access Control System (ACS) allows remote malicious users to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCue65949.
Cisco Secure Access Control System -
NA
CVE-2011-0951
The web-based management interface in Cisco Secure Access Control System (ACS) 5.1 prior to 5.1.0.44.6 and 5.2 prior to 5.2.0.26.3 allows remote malicious users to change arbitrary user passwords via unspecified vectors, aka Bug ID CSCtl77440.
Cisco Secure Access Control System 5.1.0.44.1
Cisco Secure Access Control System 5.1.0.44.2
Cisco Secure Access Control System 5.2.0.26.2
Cisco Secure Access Control System 5.1.0.44.3
Cisco Secure Access Control System 5.1.0.44.4
Cisco Secure Access Control System 5.1
Cisco Secure Access Control System 5.1.0.44
Cisco Secure Access Control System 5.2.0.26
Cisco Secure Access Control System 5.2.0.26.1
Cisco Secure Access Control System 5.1.0.44.5
Cisco Secure Access Control System 5.2
NA
CVE-2014-0678
The portal interface in Cisco Secure Access Control System (ACS) does not properly manage sessions, which allows remote authenticated users to hijack sessions and gain privileges via unspecified vectors, aka Bug ID CSCue65951.
Cisco Secure Access Control System -
5.7
CVSSv3
CVE-2018-0414
A vulnerability in the web-based UI of Cisco Secure Access Control Server could allow an authenticated, remote malicious user to gain read access to certain information in an affected system. The vulnerability is due to improper handling of XML External Entities (XXEs) when parsi...
Cisco Secure Access Control Server Solution Engine 5.8
Cisco Secure Access Control Server Solution Engine
NA
CVE-2013-1196
The command-line interface in Cisco Secure Access Control System (ACS), Identity Services Engine Software, Context Directory Agent, Application Networking Manager (ANM), Prime Network Control System, Prime LAN Management Solution (LMS), Prime Collaboration, Unified Provisioning M...
Cisco Context Directory Agent -
Cisco Prime Network Control System -
Cisco Prime Data Center Network Manager -
Cisco Secure Access Control System -
Cisco Prime Lan Management Solution -
Cisco Prime Collaboration -
Cisco Unified Provisioning Manager -
Cisco Network Services Manager -
Cisco Identity Services Engine Software -
Cisco Application Networking Manager -
Cisco Quad -
NA
CVE-2013-5536
Cisco Secure Access Control System (ACS) does not properly implement an incoming-packet firewall rule, which allows remote malicious users to cause a denial of service (process crash) via a flood of crafted packets, aka Bug ID CSCui51521.
Cisco Secure Access Control System -
NA
CVE-2014-0663
Cross-site scripting (XSS) vulnerability in the web framework in Cisco Secure Access Control System (ACS) allows remote malicious users to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCum03625.
Cisco Secure Access Control System -
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »