Secure Access Control Server Solution Engine Security Vulnerabilities and Issues — Secure Access Control Server Solution Engine CVE List

cve

CVE-2018-0207

A vulnerability in the web-based user interface of the Cisco Secure Access Control Server prior to 5.8 patch 9 could allow an unauthenticated, remote attacker to gain read access to certain information in the affected system. The vulnerability is due to improper handling of XML External Entities...

3.3CVSS

4.2AI Score

0.002EPSS

2018-03-08 07:29 AM

21

cve

CVE-2018-0218

A vulnerability in the web-based user interface of the Cisco Secure Access Control Server prior to 5.8 patch 9 could allow an unauthenticated, remote attacker to gain read access to certain information in the affected system. The vulnerability is due to improper handling of XML External Entities...

3.3CVSS

4.2AI Score

0.002EPSS

2018-03-08 07:29 AM

33

cve

CVE-2015-0700

Cross-site request forgery (CSRF) vulnerability in the Dashboard page in the monitoring-and-report section in Cisco Secure Access Control Server Solution Engine before 5.5(0.46.5) allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID...

7.4AI Score

0.001EPSS

2015-04-17 01:59 AM

19

cve

CVE-2013-3380

The administrative web interface in the Access Control Server in Cisco Secure Access Control System (ACS) does not properly restrict the report view page, which allows remote authenticated users to obtain sensitive information via a direct request, aka Bug ID...

5.9AI Score

0.001EPSS

2013-06-12 03:30 AM

18