Secure Access Control Server@3.0.1 Security Vulnerabilities and Issues — Secure Access Control Server@3.0.1 CVE List

Lucene search

CiscoSecure Access Control Server3.0.1

3 matches found

CVE•added 2003/04/02 5:0 a.m.•35 views

CVE-2002-0241

NDSAuth.DLL in Cisco Secure Authentication Control Server (ACS) 3.0.1 does not check the Expired or Disabled state of users in the Novell Directory Services (NDS), which could allow those users to authenticate to the server.

7.5CVSS6.5AI score0.00189EPSS

CVE•added 2003/04/02 5:0 a.m.•34 views

CVE-2002-0938

Cross-site scripting vulnerability in CiscoSecure ACS 3.0 allows remote attackers to execute arbitrary script or HTML as other web users via the action argument in a link to setup.exe.

7.5CVSS7.1AI score0.03109EPSS

CVE•added 2003/05/12 4:0 a.m.•30 views

CVE-2003-0210

Buffer overflow in the administration service (CSAdmin) for Cisco Secure ACS before 3.1.2 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long user parameter to port 2002.

7.5CVSS7.9AI score0.02296EPSS