Secure Access Control Server@2.3 Security Vulnerabilities and Issues — Secure Access Control Server@2.3 CVE List

Lucene search

CiscoSecure Access Control Server2.3

4 matches found

CVE•added 2006/06/21 1:2 a.m.•137 views

CVE-2006-3101

Cross-site scripting (XSS) vulnerability in LogonProxy.cgi in Cisco Secure ACS for UNIX 2.3 allows remote attackers to inject arbitrary web script or HTML via the (1) error, (2) SSL, and (3) Ok parameters.

4.3CVSS5.7AI score0.25627EPSS

CVE•added 2005/05/31 4:0 a.m.•114 views

CVE-2005-0356

Multiple TCP implementations with Protection Against Wrapped Sequence Numbers (PAWS) with the timestamps option enabled allow remote attackers to cause a denial of service (connection loss) via a spoofed packet with a large timer value, which causes the host to discard later packets because they ap...

5CVSS6.2AI score0.86024EPSS

CVE•added 2005/12/22 11:3 a.m.•59 views

CVE-2005-4499

The Downloadable RADIUS ACLs feature in Cisco PIX and VPN 3000 concentrators, when creating an ACL on the Cisco Secure Access Control Server (CS ACS), generates a random internal name for an ACL that is also used as a hidden user name and password, which allows remote attackers to gain privileges b...

7.5CVSS7.4AI score0.01897EPSS

CVE•added 2003/05/12 4:0 a.m.•30 views

CVE-2003-0210

Buffer overflow in the administration service (CSAdmin) for Cisco Secure ACS before 3.1.2 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long user parameter to port 2002.

7.5CVSS7.9AI score0.02296EPSS