Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cisco secure access control server vulnerabilities and exploits
(subscribe to this query)
890
VMScore
CVE-2004-1099
Cisco Secure Access Control Server for Windows (ACS Windows) and Cisco Secure Access Control Server Solution Engine (ACS Solution Engine) 3.3.1, when the EAP-TLS protocol is enabled, does not properly handle expired or untrusted certificates, which allows remote malicious users t...
Cisco Secure Access Control Server 3.3\\(1\\)
Cisco Secure Access Control Server 3.3.1
Cisco Secure Acs Solution Engine
561
VMScore
CVE-2014-0667
The RMI interface in Cisco Secure Access Control System (ACS) does not properly enforce authorization requirements, which allows remote authenticated users to read arbitrary files via a request to this interface, aka Bug ID CSCud75169.
Cisco Secure Access Control System -
837
VMScore
CVE-2005-4332
Cisco Clean Access 3.5.5 and previous versions on the Secure Smart Manager allows remote malicious users to bypass authentication and cause a denial of service or upload files via direct requests to obsolete JSP files including (1) admin/uploadclient.jsp, (2) apply_firmware_actio...
Cisco Network Admission Control Manager And Server System Software 3.3
Cisco Network Admission Control Manager And Server System Software 3.3.1
Cisco Network Admission Control Manager And Server System Software 3.3.9
Cisco Network Admission Control Manager And Server System Software 3.4
Cisco Network Admission Control Manager And Server System Software 3.5.1
Cisco Network Admission Control Manager And Server System Software 3.5.2
Cisco Network Admission Control Manager And Server System Software 3.3.7
Cisco Network Admission Control Manager And Server System Software 3.3.8
Cisco Network Admission Control Manager And Server System Software 3.4.5
Cisco Network Admission Control Manager And Server System Software 3.5
Cisco Network Admission Control Manager And Server System Software 3.3.2
Cisco Network Admission Control Manager And Server System Software 3.3.3
Cisco Network Admission Control Manager And Server System Software 3.4.1
Cisco Network Admission Control Manager And Server System Software 3.4.2
Cisco Network Admission Control Manager And Server System Software 3.5.3
Cisco Network Admission Control Manager And Server System Software 3.5.4
Cisco Network Admission Control Manager And Server System Software 3.3.4
Cisco Network Admission Control Manager And Server System Software 3.3.5
Cisco Network Admission Control Manager And Server System Software 3.3.6
Cisco Network Admission Control Manager And Server System Software 3.4.3
Cisco Network Admission Control Manager And Server System Software 3.4.4
Cisco Network Admission Control Manager And Server System Software 3.5.5
445
VMScore
CVE-2012-5424
Cisco Secure Access Control System (ACS) 5.x prior to 5.2 Patch 11 and 5.3 prior to 5.3 Patch 7, when a certain configuration involving TACACS+ and LDAP is used, does not properly validate passwords, which allows remote malicious users to bypass authentication by sending a valid ...
Cisco Secure Access Control Server 5.1
Cisco Secure Access Control Server 5.2
Cisco Secure Access Control Server 5.0
Cisco Secure Access Control Server 5.3
507
VMScore
CVE-2005-4825
Cisco Clean Access 3.5.5 and previous versions on the Secure Smart Manager allows remote malicious users to bypass authentication and cause a denial of service (disk consumption), or make unauthorized files accessible, by uploading files through requests to certain JSP scripts, a...
Cisco Network Admission Control Manager And Server System Software 3.5.4
Cisco Network Admission Control Manager And Server System Software 3.5
Cisco Network Admission Control Manager And Server System Software 3.5\\(9\\)
Cisco Network Admission Control Manager And Server System Software 3.5.1
Cisco Network Admission Control Manager And Server System Software 3.5.2
Cisco Network Admission Control Manager And Server System Software 3.5.3
Cisco Network Admission Control Manager And Server System Software 3.5.5
505
VMScore
CVE-2001-0748
Acme.Serve 1.7, as used in Cisco Secure ACS Unix and possibly other products, allows remote malicious users to read arbitrary files by prepending several / (slash) characters to the URI.
Acme Labs Acme Server 1.7
1 EDB exploit
294
VMScore
CVE-2020-3222
A vulnerability in the web-based user interface (web UI) of Cisco IOS XE Software could allow an unauthenticated, adjacent malicious user to bypass access control restrictions on an affected device. The vulnerability is due to the presence of a proxy service at a specific endpoin...
Cisco Ios Xe 16.10.1
Cisco Ios Xe 16.10.1a
Cisco Ios Xe 16.10.1b
Cisco Ios Xe 16.10.1c
Cisco Ios Xe 16.10.1d
Cisco Ios Xe 16.10.1e
Cisco Ios Xe 16.10.1f
Cisco Ios Xe 16.10.1g
Cisco Ios Xe 16.10.1s
Cisco Ios Xe 16.10.2
Cisco Ios Xe 16.11.1
Cisco Ios Xe 16.11.1a
Cisco Ios Xe 16.11.1b
Cisco Ios Xe 16.11.1c
Cisco Ios Xe 16.11.1s
Cisco Ios Xe 16.12.1
Cisco Ios Xe 16.12.1a
Cisco Ios Xe 16.12.1c
Cisco Ios Xe 16.12.1s
Cisco Ios Xe 16.12.1t
Cisco Ios Xe 16.12.1w
Cisco Ios Xe 16.12.1y
801
VMScore
CVE-2020-3211
A vulnerability in the web UI of Cisco IOS XE Software could allow an authenticated, remote malicious user to execute arbitrary commands with root privileges on the underlying operating system of an affected device. The vulnerability is due to improper input sanitization. An atta...
Cisco Ios Xe 16.10.1
Cisco Ios Xe 16.10.1a
Cisco Ios Xe 16.10.1b
Cisco Ios Xe 16.10.1e
Cisco Ios Xe 16.10.1s
Cisco Ios Xe 16.10.2
Cisco Ios Xe 16.11.1
Cisco Ios Xe 16.11.1a
Cisco Ios Xe 16.11.1b
Cisco Ios Xe 16.11.1c
Cisco Ios Xe 16.11.1s
Cisco Ios Xe 16.12.1
Cisco Ios Xe 16.12.1a
Cisco Ios Xe 16.12.1c
Cisco Ios Xe 16.12.1s
Cisco Ios Xe 16.12.1t
NA
CVE-2023-20177
A vulnerability in the SSL file policy implementation of Cisco Firepower Threat Defense (FTD) Software that occurs when the SSL/TLS connection is configured with a URL Category and the Snort 3 detection engine could allow an unauthenticated, remote malicious user to cause the Sno...
Cisco Firepower Threat Defense 7.1.0
Cisco Firepower Threat Defense 7.0.0
Cisco Firepower Threat Defense 7.2.0.1
Cisco Firepower Threat Defense 7.0.1
Cisco Firepower Threat Defense 7.0.0.1
Cisco Firepower Threat Defense 7.0.1.1
Cisco Firepower Threat Defense 7.0.2
Cisco Firepower Threat Defense 7.0.2.1
Cisco Firepower Threat Defense 7.0.3
Cisco Firepower Threat Defense 7.0.4
Cisco Firepower Threat Defense 7.1.0.1
Cisco Firepower Threat Defense 7.1.0.2
Cisco Firepower Threat Defense 7.2.0
Cisco Firepower Threat Defense 7.2.1
Cisco Firepower Threat Defense 7.2.2
Cisco Firepower Threat Defense 7.2.3
Cisco Firepower Threat Defense 7.3.1.1
Cisco Firepower Threat Defense 7.3.1
Cisco Firepower Threat Defense 7.3.0
Cisco Firepower Threat Defense 7.1.0.3
Cisco Firepower Threat Defense 7.0.5
801
VMScore
CVE-2020-3229
A vulnerability in Role Based Access Control (RBAC) functionality of Cisco IOS XE Web Management Software could allow a Read-Only authenticated, remote malicious user to execute commands or configuration changes as an Admin user. The vulnerability is due to incorrect handling of ...
Cisco Ios Xe 16.2.2
Cisco Ios Xe 16.3.1
Cisco Ios Xe 16.3.1a
Cisco Ios Xe 16.3.2
Cisco Ios Xe 16.3.3
Cisco Ios Xe 16.3.4
Cisco Ios Xe 16.3.5
Cisco Ios Xe 16.3.5b
Cisco Ios Xe 16.3.6
Cisco Ios Xe 16.3.7
Cisco Ios Xe 16.3.8
Cisco Ios Xe 16.3.9
Cisco Ios Xe 16.3.10
Cisco Ios Xe 16.4.1
Cisco Ios Xe 16.4.2
Cisco Ios Xe 16.4.3
Cisco Ios Xe 16.5.1
Cisco Ios Xe 16.5.1a
Cisco Ios Xe 16.5.1b
Cisco Ios Xe 16.5.2
Cisco Ios Xe 16.5.3
Cisco Ios Xe 16.6.1
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5274
CVE-2024-35388
CVE-2024-35396
elevation of privilege
CVE-2021-47544
file upload
CVE-2021-47545
memory leak
CVE-2024-4956
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »