Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cisco secure access control system - vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2007-0105
Stack-based buffer overflow in the CSAdmin service in Cisco Secure Access Control Server (ACS) for Windows prior to 4.1 and ACS Solution Engine prior to 4.1 allows remote malicious users to execute arbitrary code via a crafted HTTP GET request.
Cisco Secure Access Control Server
NA
CVE-2013-3380
The administrative web interface in the Access Control Server in Cisco Secure Access Control System (ACS) does not properly restrict the report view page, which allows remote authenticated users to obtain sensitive information via a direct request, aka Bug ID CSCue79279.
Cisco Secure Access Control Server Solution Engine -
NA
CVE-2015-6346
Cross-site scripting (XSS) vulnerability in Cisco Secure Access Control Server (ACS) 5.7(0.15) allows remote malicious users to inject arbitrary web script or HTML via a crafted URL.
Cisco Secure Access Control Server 5.7.0.15
NA
CVE-2014-0668
Cross-site scripting (XSS) vulnerability in the portal in Cisco Secure Access Control System (ACS) allows remote malicious users to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCue65949.
Cisco Secure Access Control System -
NA
CVE-2011-0951
The web-based management interface in Cisco Secure Access Control System (ACS) 5.1 prior to 5.1.0.44.6 and 5.2 prior to 5.2.0.26.3 allows remote malicious users to change arbitrary user passwords via unspecified vectors, aka Bug ID CSCtl77440.
Cisco Secure Access Control System 5.2
Cisco Secure Access Control System 5.2.0.26
Cisco Secure Access Control System 5.1.0.44.2
Cisco Secure Access Control System 5.1.0.44
Cisco Secure Access Control System 5.1.0.44.5
Cisco Secure Access Control System 5.1.0.44.3
Cisco Secure Access Control System 5.1.0.44.1
Cisco Secure Access Control System 5.2.0.26.2
Cisco Secure Access Control System 5.1
Cisco Secure Access Control System 5.2.0.26.1
Cisco Secure Access Control System 5.1.0.44.4
NA
CVE-2014-0678
The portal interface in Cisco Secure Access Control System (ACS) does not properly manage sessions, which allows remote authenticated users to hijack sessions and gain privileges via unspecified vectors, aka Bug ID CSCue65951.
Cisco Secure Access Control System -
5.7
CVSSv3
CVE-2018-0414
A vulnerability in the web-based UI of Cisco Secure Access Control Server could allow an authenticated, remote malicious user to gain read access to certain information in an affected system. The vulnerability is due to improper handling of XML External Entities (XXEs) when parsi...
Cisco Secure Access Control Server Solution Engine 5.8
Cisco Secure Access Control Server Solution Engine
NA
CVE-2013-1196
The command-line interface in Cisco Secure Access Control System (ACS), Identity Services Engine Software, Context Directory Agent, Application Networking Manager (ANM), Prime Network Control System, Prime LAN Management Solution (LMS), Prime Collaboration, Unified Provisioning M...
Cisco Prime Network Control System -
Cisco Secure Access Control System -
Cisco Prime Collaboration -
Cisco Prime Data Center Network Manager -
Cisco Network Services Manager -
Cisco Application Networking Manager -
Cisco Quad -
Cisco Context Directory Agent -
Cisco Unified Provisioning Manager -
Cisco Prime Lan Management Solution -
Cisco Identity Services Engine Software -
NA
CVE-2013-5536
Cisco Secure Access Control System (ACS) does not properly implement an incoming-packet firewall rule, which allows remote malicious users to cause a denial of service (process crash) via a flood of crafted packets, aka Bug ID CSCui51521.
Cisco Secure Access Control System -
NA
CVE-2013-6974
Cross-site scripting (XSS) vulnerability in the web interface in Cisco Secure Access Control System (ACS) allows remote malicious users to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCud89431.
Cisco Secure Access Control System -
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SSRF
server-side request forgery
CVE-2024-30067
CVE-2024-5553
CVE-2024-30095
IDOR
CVE-2024-35252
CVE-2024-23692
CVE-2024-27801
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »