Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
secure access control server vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2018-0218
A vulnerability in the web-based user interface of the Cisco Secure Access Control Server before 5.8 patch 9 could allow an unauthenticated, remote malicious user to gain read access to certain information in the affected system. The vulnerability is due to improper handling of X...
Cisco Secure Access Control Server Solution Engine 5.8\\(0.8\\)
890
VMScore
CVE-2004-1099
Cisco Secure Access Control Server for Windows (ACS Windows) and Cisco Secure Access Control Server Solution Engine (ACS Solution Engine) 3.3.1, when the EAP-TLS protocol is enabled, does not properly handle expired or untrusted certificates, which allows remote malicious users t...
Cisco Secure Access Control Server 3.3\\(1\\)
Cisco Secure Access Control Server 3.3.1
Cisco Secure Acs Solution Engine
445
VMScore
CVE-2015-0746
The REST API in Cisco Access Control Server (ACS) 5.5(0.46.2) allows remote malicious users to cause a denial of service (API outage) by sending many requests, aka Bug ID CSCut62022.
Cisco Secure Access Control Server 5.5\\(0.46.2\\)
445
VMScore
CVE-2012-5424
Cisco Secure Access Control System (ACS) 5.x prior to 5.2 Patch 11 and 5.3 prior to 5.3 Patch 7, when a certain configuration involving TACACS+ and LDAP is used, does not properly validate passwords, which allows remote malicious users to bypass authentication by sending a valid ...
Cisco Secure Access Control Server 5.1
Cisco Secure Access Control Server 5.2
Cisco Secure Access Control Server 5.0
Cisco Secure Access Control Server 5.3
561
VMScore
CVE-2014-0667
The RMI interface in Cisco Secure Access Control System (ACS) does not properly enforce authorization requirements, which allows remote authenticated users to read arbitrary files via a request to this interface, aka Bug ID CSCud75169.
Cisco Secure Access Control System -
837
VMScore
CVE-2005-4332
Cisco Clean Access 3.5.5 and previous versions on the Secure Smart Manager allows remote malicious users to bypass authentication and cause a denial of service or upload files via direct requests to obsolete JSP files including (1) admin/uploadclient.jsp, (2) apply_firmware_actio...
Cisco Network Admission Control Manager And Server System Software 3.3
Cisco Network Admission Control Manager And Server System Software 3.3.1
Cisco Network Admission Control Manager And Server System Software 3.3.9
Cisco Network Admission Control Manager And Server System Software 3.4
Cisco Network Admission Control Manager And Server System Software 3.5.1
Cisco Network Admission Control Manager And Server System Software 3.5.2
Cisco Network Admission Control Manager And Server System Software 3.3.7
Cisco Network Admission Control Manager And Server System Software 3.3.8
Cisco Network Admission Control Manager And Server System Software 3.4.5
Cisco Network Admission Control Manager And Server System Software 3.5
Cisco Network Admission Control Manager And Server System Software 3.3.2
Cisco Network Admission Control Manager And Server System Software 3.3.3
Cisco Network Admission Control Manager And Server System Software 3.4.1
Cisco Network Admission Control Manager And Server System Software 3.4.2
Cisco Network Admission Control Manager And Server System Software 3.5.3
Cisco Network Admission Control Manager And Server System Software 3.5.4
Cisco Network Admission Control Manager And Server System Software 3.3.4
Cisco Network Admission Control Manager And Server System Software 3.3.5
Cisco Network Admission Control Manager And Server System Software 3.3.6
Cisco Network Admission Control Manager And Server System Software 3.4.3
Cisco Network Admission Control Manager And Server System Software 3.4.4
Cisco Network Admission Control Manager And Server System Software 3.5.5
507
VMScore
CVE-2005-4825
Cisco Clean Access 3.5.5 and previous versions on the Secure Smart Manager allows remote malicious users to bypass authentication and cause a denial of service (disk consumption), or make unauthorized files accessible, by uploading files through requests to certain JSP scripts, a...
Cisco Network Admission Control Manager And Server System Software 3.5.4
Cisco Network Admission Control Manager And Server System Software 3.5
Cisco Network Admission Control Manager And Server System Software 3.5\\(9\\)
Cisco Network Admission Control Manager And Server System Software 3.5.1
Cisco Network Admission Control Manager And Server System Software 3.5.2
Cisco Network Admission Control Manager And Server System Software 3.5.3
Cisco Network Admission Control Manager And Server System Software 3.5.5
NA
CVE-2022-23854
AVEVA InTouch Access Anywhere versions 2020 R2 and older are vulnerable to a path traversal exploit that could allow an unauthenticated user with network access to read files on the system outside of the secure gateway web server.
Aveva Intouch Access Anywhere 2020
Aveva Intouch Access Anywhere
1 EDB exploit
641
VMScore
CVE-2007-2965
Unspecified vulnerability in the Real-time Scanning component in multiple F-Secure products, including Internet Security 2005, 2006 and 2007; Anti-Virus 2005, 2006 and 2007; and Solutions based on F-Secure Protection Service for Consumers 6.40 and previous versions allows local u...
F-secure F-secure Internet Security 2006
F-secure F-secure Internet Security 2007
F-secure F-secure Anti-virus Client Security
F-secure F-secure Anti-virus Linux Client Security
F-secure F-secure Anti-virus 2007
F-secure F-secure Internet Security 2005
F-secure F-secure Anti-virus
F-secure F-secure Anti-virus Linux Server Security
F-secure F-secure Protection Service
F-secure F-secure Anti-virus 2005
F-secure F-secure Anti-virus 2006
F-secure Internet Gatekeeper
505
VMScore
CVE-2001-0748
Acme.Serve 1.7, as used in Cisco Secure ACS Unix and possibly other products, allows remote malicious users to read arbitrary files by prepending several / (slash) characters to the URI.
Acme Labs Acme Server 1.7
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
SSRF
buffer overflow
CVE-2023-28952
CVE-2023-41822
CVE-2024-27956
CVE-2023-7028
CVE-2024-34447
CVE-2024-34460
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »