Lucene search

K
CiscoSecure Access Control Server5.7.0.15

6 matches found

CVE
CVE
added 2015/09/20 2:59 p.m.44 views

CVE-2015-6300

Cisco Secure Access Control Server (ACS) Solution Engine 5.7(0.15) allows remote authenticated users to cause a denial of service (SSH screen process crash) via crafted (1) CLI or (2) GUI commands, aka Bug ID CSCuw24694.

4CVSS6.5AI score0.00388EPSS
CVE
CVE
added 2015/10/30 10:59 a.m.41 views

CVE-2015-6346

Cross-site scripting (XSS) vulnerability in Cisco Secure Access Control Server (ACS) 5.7(0.15) allows remote attackers to inject arbitrary web script or HTML via a crafted URL.

4.3CVSS5.7AI score0.00263EPSS
CVE
CVE
added 2015/10/30 10:59 a.m.39 views

CVE-2015-6345

SQL injection vulnerability in the Solution Engine in Cisco Secure Access Control Server (ACS) 5.7(0.15) allows remote authenticated users to execute arbitrary SQL commands via a crafted URL, aka Bug ID CSCuw24700.

6.5CVSS8AI score0.00311EPSS
CVE
CVE
added 2015/10/30 10:59 a.m.39 views

CVE-2015-6348

The report-generation web interface in the Solution Engine in Cisco Secure Access Control Server (ACS) 5.7(0.15) allows remote authenticated users to bypass intended RBAC restrictions, and read report or status information, by visiting an unspecified web page.

4CVSS6.4AI score0.00156EPSS
CVE
CVE
added 2015/10/30 10:59 a.m.34 views

CVE-2015-6347

The Solution Engine in Cisco Secure Access Control Server (ACS) 5.7(0.15) allows remote authenticated users to bypass intended RBAC restrictions, and create a dashboard or portlet, by visiting an unspecified web page.

4CVSS6.4AI score0.00135EPSS
CVE
CVE
added 2015/10/30 10:59 a.m.34 views

CVE-2015-6349

Cross-site scripting (XSS) vulnerability in the web interface in the Solution Engine in Cisco Secure Access Control Server (ACS) 5.7(0.15) allows remote attackers to inject arbitrary web script or HTML via a crafted URL.

4.3CVSS5.7AI score0.00263EPSS