Lucene search

K
CiscoSecure Access Control Server*

5 matches found

CVE
CVE
added 2005/12/22 11:3 a.m.59 views

CVE-2005-4499

The Downloadable RADIUS ACLs feature in Cisco PIX and VPN 3000 concentrators, when creating an ACL on the Cisco Secure Access Control Server (CS ACS), generates a random internal name for an ACL that is also used as a hidden user name and password, which allows remote attackers to gain privileges b...

7.5CVSS7.4AI score0.01897EPSS
CVE
CVE
added 2008/09/04 4:41 p.m.43 views

CVE-2008-2441

Cisco Secure ACS 3.x before 3.3(4) Build 12 patch 7, 4.0.x, 4.1.x before 4.1(4) Build 13 Patch 11, and 4.2.x before 4.2(0) Build 124 Patch 4 does not properly handle an EAP Response packet in which the value of the length field exceeds the actual packet length, which allows remote authenticated use...

7.5CVSS7.4AI score0.03198EPSS
CVE
CVE
added 2013/08/29 12:7 p.m.40 views

CVE-2013-3466

The EAP-FAST authentication module in Cisco Secure Access Control Server (ACS) 4.x before 4.2.1.15.11, when a RADIUS server configuration is enabled, does not properly parse user identities, which allows remote attackers to execute arbitrary commands via crafted EAP-FAST packets, aka Bug ID CSCui57...

9.3CVSS8AI score0.00722EPSS
CVE
CVE
added 2007/01/09 12:28 a.m.39 views

CVE-2007-0105

Stack-based buffer overflow in the CSAdmin service in Cisco Secure Access Control Server (ACS) for Windows before 4.1 and ACS Solution Engine before 4.1 allows remote attackers to execute arbitrary code via a crafted HTTP GET request.

7.5CVSS8AI score0.01869EPSS
CVE
CVE
added 2007/01/08 11:0 p.m.34 views

CVE-2006-4097

Multiple unspecified vulnerabilities in the CSRadius service in Cisco Secure Access Control Server (ACS) for Windows before 4.1 and ACS Solution Engine before 4.1 allow remote attackers to cause a denial of service (crash) via a crafted RADIUS Access-Request packet. NOTE: it has been reported that ...

7.8CVSS7.3AI score0.01756EPSS