Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cisco secure access control system - vulnerabilities and exploits
(subscribe to this query)
578
VMScore
CVE-2015-7849
Use-after-free vulnerability in ntpd in NTP 4.2.x prior to 4.2.8p4, and 4.3.x prior to 4.3.77 allows remote authenticated users to possibly execute arbitrary code or cause a denial of service (crash) via crafted packets.
Ntp Ntp
Ntp Ntp 4.2.8
Netapp Oncommand Balance -
Netapp Oncommand Performance Manager -
Netapp Oncommand Unified Manager -
Netapp Clustered Data Ontap -
Netapp Data Ontap -
578
VMScore
CVE-2015-6345
SQL injection vulnerability in the Solution Engine in Cisco Secure Access Control Server (ACS) 5.7(0.15) allows remote authenticated users to execute arbitrary SQL commands via a crafted URL, aka Bug ID CSCuw24700.
Cisco Secure Access Control Server 5.7.0.15
578
VMScore
CVE-2014-2130
Cisco Secure Access Control Server (ACS) provides an unintentional administration web interface based on Apache Tomcat, which allows remote authenticated users to modify application files and configuration files, and consequently execute arbitrary code, by leveraging administrati...
Cisco Secure Access Control System -
578
VMScore
CVE-2015-0580
Multiple SQL injection vulnerabilities in the ACS View reporting interface pages in Cisco Secure Access Control System (ACS) prior to 5.5 patch 7 allow remote authenticated administrators to execute arbitrary SQL commands via crafted HTTPS requests, aka Bug ID CSCuq79027.
Cisco Secure Access Control System
578
VMScore
CVE-2014-8027
The RBAC component in Cisco Secure Access Control System (ACS) allows remote authenticated users to obtain Network Device Administrator privileges for Create, Delete, Read, and Update operations via crafted HTTP requests, aka Bug ID CSCuq79034.
Cisco Secure Access Control System -
561
VMScore
CVE-2014-0667
The RMI interface in Cisco Secure Access Control System (ACS) does not properly enforce authorization requirements, which allows remote authenticated users to read arbitrary files via a request to this interface, aka Bug ID CSCud75169.
Cisco Secure Access Control System -
540
VMScore
CVE-2011-0951
The web-based management interface in Cisco Secure Access Control System (ACS) 5.1 prior to 5.1.0.44.6 and 5.2 prior to 5.2.0.26.3 allows remote malicious users to change arbitrary user passwords via unspecified vectors, aka Bug ID CSCtl77440.
Cisco Secure Access Control System 5.1.0.44.1
Cisco Secure Access Control System 5.1.0.44.2
Cisco Secure Access Control System 5.2.0.26.2
Cisco Secure Access Control System 5.1.0.44.3
Cisco Secure Access Control System 5.1.0.44.4
Cisco Secure Access Control System 5.1
Cisco Secure Access Control System 5.1.0.44
Cisco Secure Access Control System 5.2.0.26
Cisco Secure Access Control System 5.2.0.26.1
Cisco Secure Access Control System 5.1.0.44.5
Cisco Secure Access Control System 5.2
536
VMScore
CVE-2004-0230
TCP, when using a large Window Size, makes it easier for remote malicious users to guess sequence numbers and cause a denial of service (connection loss) to persistent TCP connections by repeatedly injecting a TCP RST packet, especially in protocols that use long-lived connection...
Oracle Solaris 11
Oracle Solaris 10
Openpgp Openpgp 2.6.2
Mcafee Network Data Loss Prevention 9.2.1
Mcafee Network Data Loss Prevention 9.2.0
Mcafee Network Data Loss Prevention
Mcafee Network Data Loss Prevention 9.2.2
Netbsd Netbsd 1.5.2
Netbsd Netbsd 1.5.3
Netbsd Netbsd 1.6
Netbsd Netbsd 1.6.1
Netbsd Netbsd 1.6.2
Netbsd Netbsd 2.0
Netbsd Netbsd 1.5
Netbsd Netbsd 1.5.1
Xinuos Openserver 5.0.6
Xinuos Openserver 5.0.7
Juniper Junos
Xinuos Unixware 7.1.1
Xinuos Unixware 7.1.3
7 EDB exploits
2 Github repositories
516
VMScore
CVE-2021-3450
The X509_V_FLAG_X509_STRICT flag enables additional security checks of the certificates present in a certificate chain. It is not set by default. Starting from OpenSSL version 1.1.1h a check to disallow certificates in the chain that have explicitly encoded elliptic curve paramet...
Openssl Openssl
Freebsd Freebsd 12.2
Netapp Santricity Smi-s Provider Firmware -
Netapp Storagegrid Firmware -
Windriver Linux -
Windriver Linux 18.0
Windriver Linux 19.0
Windriver Linux 17.0
Netapp Oncommand Workflow Automation -
Netapp Storagegrid -
Netapp Ontap Select Deploy Administration Utility -
Netapp Cloud Volumes Ontap Mediator -
Fedoraproject Fedora 34
Tenable Nessus Agent
Tenable Nessus
Tenable Nessus Network Monitor 5.11.1
Tenable Nessus Network Monitor 5.12.0
Tenable Nessus Network Monitor 5.12.1
Tenable Nessus Network Monitor 5.13.0
Tenable Nessus Network Monitor 5.11.0
Oracle Jd Edwards World Security A9.4
Oracle Weblogic Server 12.2.1.4.0
1 Github repository
1 Article
516
VMScore
CVE-2017-3840
A vulnerability in the web interface of the Cisco Secure Access Control System (ACS) could allow an unauthenticated, remote malicious user to redirect a user to a malicious web page, aka an Open Redirect Vulnerability. More Information: CSCvc04849. Known Affected Releases: 5.8(2....
Cisco Secure Access Control System 5.8\\(2.5\\)
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »