Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
secure access control server vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2018-0218
A vulnerability in the web-based user interface of the Cisco Secure Access Control Server before 5.8 patch 9 could allow an unauthenticated, remote malicious user to gain read access to certain information in the affected system. The vulnerability is due to improper handling of X...
Cisco Secure Access Control Server Solution Engine 5.8\\(0.8\\)
10
CVSSv2
CVE-2004-1099
Cisco Secure Access Control Server for Windows (ACS Windows) and Cisco Secure Access Control Server Solution Engine (ACS Solution Engine) 3.3.1, when the EAP-TLS protocol is enabled, does not properly handle expired or untrusted certificates, which allows remote malicious users t...
Cisco Secure Access Control Server 3.3\\(1\\)
Cisco Secure Access Control Server 3.3.1
Cisco Secure Acs Solution Engine
5
CVSSv2
CVE-2015-0746
The REST API in Cisco Access Control Server (ACS) 5.5(0.46.2) allows remote malicious users to cause a denial of service (API outage) by sending many requests, aka Bug ID CSCut62022.
Cisco Secure Access Control Server 5.5\\(0.46.2\\)
5
CVSSv2
CVE-2012-5424
Cisco Secure Access Control System (ACS) 5.x prior to 5.2 Patch 11 and 5.3 prior to 5.3 Patch 7, when a certain configuration involving TACACS+ and LDAP is used, does not properly validate passwords, which allows remote malicious users to bypass authentication by sending a valid ...
Cisco Secure Access Control Server 5.1
Cisco Secure Access Control Server 5.2
Cisco Secure Access Control Server 5.0
Cisco Secure Access Control Server 5.3
6.3
CVSSv2
CVE-2014-0667
The RMI interface in Cisco Secure Access Control System (ACS) does not properly enforce authorization requirements, which allows remote authenticated users to read arbitrary files via a request to this interface, aka Bug ID CSCud75169.
Cisco Secure Access Control System -
9.4
CVSSv2
CVE-2005-4332
Cisco Clean Access 3.5.5 and previous versions on the Secure Smart Manager allows remote malicious users to bypass authentication and cause a denial of service or upload files via direct requests to obsolete JSP files including (1) admin/uploadclient.jsp, (2) apply_firmware_actio...
Cisco Network Admission Control Manager And Server System Software 3.3
Cisco Network Admission Control Manager And Server System Software 3.3.1
Cisco Network Admission Control Manager And Server System Software 3.3.9
Cisco Network Admission Control Manager And Server System Software 3.4
Cisco Network Admission Control Manager And Server System Software 3.5.1
Cisco Network Admission Control Manager And Server System Software 3.5.2
Cisco Network Admission Control Manager And Server System Software 3.3.7
Cisco Network Admission Control Manager And Server System Software 3.3.8
Cisco Network Admission Control Manager And Server System Software 3.4.5
Cisco Network Admission Control Manager And Server System Software 3.5
Cisco Network Admission Control Manager And Server System Software 3.3.2
Cisco Network Admission Control Manager And Server System Software 3.3.3
Cisco Network Admission Control Manager And Server System Software 3.4.1
Cisco Network Admission Control Manager And Server System Software 3.4.2
Cisco Network Admission Control Manager And Server System Software 3.5.3
Cisco Network Admission Control Manager And Server System Software 3.5.4
Cisco Network Admission Control Manager And Server System Software 3.3.4
Cisco Network Admission Control Manager And Server System Software 3.3.5
Cisco Network Admission Control Manager And Server System Software 3.3.6
Cisco Network Admission Control Manager And Server System Software 3.4.3
Cisco Network Admission Control Manager And Server System Software 3.4.4
Cisco Network Admission Control Manager And Server System Software 3.5.5
5.7
CVSSv2
CVE-2005-4825
Cisco Clean Access 3.5.5 and previous versions on the Secure Smart Manager allows remote malicious users to bypass authentication and cause a denial of service (disk consumption), or make unauthorized files accessible, by uploading files through requests to certain JSP scripts, a...
Cisco Network Admission Control Manager And Server System Software 3.5.4
Cisco Network Admission Control Manager And Server System Software 3.5
Cisco Network Admission Control Manager And Server System Software 3.5\\(9\\)
Cisco Network Admission Control Manager And Server System Software 3.5.1
Cisco Network Admission Control Manager And Server System Software 3.5.2
Cisco Network Admission Control Manager And Server System Software 3.5.3
Cisco Network Admission Control Manager And Server System Software 3.5.5
NA
CVE-2022-23854
AVEVA InTouch Access Anywhere versions 2020 R2 and older are vulnerable to a path traversal exploit that could allow an unauthenticated user with network access to read files on the system outside of the secure gateway web server.
Aveva Intouch Access Anywhere 2020
Aveva Intouch Access Anywhere
1 EDB exploit
7.2
CVSSv2
CVE-2007-2965
Unspecified vulnerability in the Real-time Scanning component in multiple F-Secure products, including Internet Security 2005, 2006 and 2007; Anti-Virus 2005, 2006 and 2007; and Solutions based on F-Secure Protection Service for Consumers 6.40 and previous versions allows local u...
F-secure F-secure Internet Security 2006
F-secure F-secure Internet Security 2007
F-secure F-secure Anti-virus Client Security
F-secure F-secure Anti-virus Linux Client Security
F-secure F-secure Anti-virus 2007
F-secure F-secure Internet Security 2005
F-secure F-secure Anti-virus
F-secure F-secure Anti-virus Linux Server Security
F-secure F-secure Protection Service
F-secure F-secure Anti-virus 2005
F-secure F-secure Anti-virus 2006
F-secure Internet Gatekeeper
5
CVSSv2
CVE-2001-0748
Acme.Serve 1.7, as used in Cisco Secure ACS Unix and possibly other products, allows remote malicious users to read arbitrary files by prepending several / (slash) characters to the URI.
Acme Labs Acme Server 1.7
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4040
privilege escalation
CVE-2024-4112
CVE-2024-32872
man-in-the-middle
CVE-2024-32788
bypass
CVE-2024-3400
CVE-2024-28976
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »