Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
tacacs vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2000-0486
Buffer overflow in Cisco TACACS+ tac_plus server allows remote malicious users to cause a denial of service via a malformed packet with a long length field.
Cisco Ios
Cisco Tacacs\\+ F4.0.3alpha
Cisco Tacacs\\+ F4.0.2alpha
NA
CVE-2002-0225
tac_plus Tacacs+ daemon F4.0.4.alpha, originally maintained by Cisco, creates files from the accounting directive with world-readable and writable permissions, which allows local users to access and modify sensitive files.
Cisco Tacacs\\+ F4.0.4alpha
NA
CVE-2012-5210
Unspecified vulnerability in HP Intelligent Management Center (iMC) TACACS+ Authentication Manager (TAM) prior to 5.2 E0401 allows remote malicious users to obtain sensitive information, modify data, or cause a denial of service via unknown vectors, aka ZDI-CAN-1646.
Hp Tacacs\\+ Authentication Manager
9.8
CVSSv3
CVE-2021-34746
A vulnerability in the TACACS+ authentication, authorization and accounting (AAA) feature of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an unauthenticated, remote malicious user to bypass authentication and log in to an affected device as an administrator. T...
Cisco Enterprise Nfv Infrastructure Software
1 Article
NA
CVE-2006-0764
The Authentication, Authorization, and Accounting (AAA) capability in versions 5.0(1) and 5.0(3) of the software used by multiple Cisco Anomaly Detection and Mitigation products, when running with an incomplete TACACS+ configuration without a "tacacs-server host" comman...
Cisco Guard 5.0\\(1\\)
Cisco Guard 5.0\\(3\\)
Cisco Traffic Anomaly Detector Module 5.0\\(1\\)
Cisco Traffic Anomaly Detector Module 5.0\\(3\\)
Cisco Anomaly Guard Module 5.0\\(1\\)
Cisco Anomaly Guard Module 5.0\\(3\\)
7.8
CVSSv3
CVE-2018-0417
A vulnerability in TACACS authentication with Cisco Wireless LAN Controller (WLC) Software could allow an authenticated, local malicious user to perform certain operations within the GUI that are not normally available to that user on the CLI. The vulnerability is due to incorrec...
Cisco Wireless Lan Controller Software 8.7\\(1.115\\)
Cisco Wireless Lan Controller Software
Cisco Wireless Lan Controller
6.5
CVSSv3
CVE-2023-20168
A vulnerability in TACACS+ and RADIUS remote authentication for Cisco NX-OS Software could allow an unauthenticated, local malicious user to cause an affected device to unexpectedly reload. This vulnerability is due to incorrect input validation when processing an authentication ...
Cisco Nx-os 9.3\\(11\\)
Cisco Nx-os 10.2\\(5\\)
Cisco Nx-os -
NA
CVE-2012-5424
Cisco Secure Access Control System (ACS) 5.x prior to 5.2 Patch 11 and 5.3 prior to 5.3 Patch 7, when a certain configuration involving TACACS+ and LDAP is used, does not properly validate passwords, which allows remote malicious users to bypass authentication by sending a valid ...
Cisco Secure Access Control Server 5.1
Cisco Secure Access Control Server 5.2
Cisco Secure Access Control Server 5.0
Cisco Secure Access Control Server 5.3
NA
CVE-2014-8013
The TACACS+ command-authorization implementation in Cisco NX-OS allows local users to cause a denial of service (device reload) via a long CLI command, aka Bug ID CSCur54182.
Cisco Nx-os -
NA
CVE-2014-0676
Cisco NX-OS allows local users to bypass intended TACACS+ command restrictions via a series of multiple commands, aka Bug ID CSCum47367.
Cisco Nx-os -
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-22120
CVE-2024-35921
CVE-2024-35874
brute force
CVE-2024-36080
unprivileged
CVE-2024-35917
IDOR
CVE-2024-4947
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »