Secure Access Control Server@5.2 Security Vulnerabilities and Issues — Secure Access Control Server@5.2 CVE List

Lucene search

CiscoSecure Access Control Server5.2

3 matches found

CVE•added 2012/11/07 11:55 p.m.•41 views

CVE-2012-5424

Cisco Secure Access Control System (ACS) 5.x before 5.2 Patch 11 and 5.3 before 5.3 Patch 7, when a certain configuration involving TACACS+ and LDAP is used, does not properly validate passwords, which allows remote attackers to bypass authentication by sending a valid username and a crafted passwo...

5CVSS7.2AI score0.00219EPSS

CVE•added 2012/05/02 10:9 a.m.•34 views

CVE-2011-3293

Multiple cross-site request forgery (CSRF) vulnerabilities in the Solution Engine in Cisco Secure Access Control Server (ACS) 5.2 allow remote attackers to hijack the authentication of administrators for requests that insert cross-site scripting (XSS) sequences, aka Bug ID CSCtr78143.

6.8CVSS6.6AI score0.00126EPSS

CVE•added 2012/05/02 10:9 a.m.•34 views

CVE-2011-3317

Multiple cross-site scripting (XSS) vulnerabilities in the Solution Engine in Cisco Secure Access Control Server (ACS) 5.2 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka Bug ID CSCtr78192.

4.3CVSS5.8AI score0.00254EPSS