26 matches found
PT-2026-3332
CVE-2026-0517 is a denial-of-service vulnerability in versions of Secure Access Server prior to 14.20. An attacker can send a specially crafted packet to a server and cause the server to crash...
PT-2025-25338 · Unknown · Absolute Secure Access Server
Name of the Vulnerable Software and Affected Versions: Absolute Secure Access server versions 9.0 through 13.54 Description: The issue is related to a memory management vulnerability. Attackers with network access to the server can cause a Denial of Service by sending a specially crafted sequence...
CVE-2018-0218
A vulnerability in the web-based user interface of the Cisco Secure Access Control Server prior to 5.8 patch 9 could allow an unauthenticated, remote attacker to gain read access to certain information in the affected system. The vulnerability is due to improper handling of XML External Entities...
Cisco Secure Access Control Server Cross-Site Scripting Vulnerability
The Cisco Secure Access Control Server Solution Engine is a Cisco Secure Access Control Server solution engine. A cross-site scripting vulnerability exists in Cisco Secure Access Control Server, where the program fails to properly validate some parameters, which allows remote attackers to exploit...
Cisco Secure Access Control Server Dashboard Page Cross-Site Request Forgery Vulnerability
The Cisco Secure Access Control Server Solution Engine is a Cisco Secure Access Control Server solution engine. A cross-site request forgery vulnerability exists in the Dashboard page of the Cisco Secure Access Control Server Solution Engine monitoring-and-report segment, which allows a remote...
Cisco Secure Access Control Server Open Redirect Vulnerability
Cisco Secure ACS Access Control Server is a multifunction AAA authentication server. An open redirection vulnerability exists in Cisco Secure Access Control Server, which allows a remote attacker to redirect a user to an arbitrary website with an unspecified parameter and conduct a phishing attac...