Secure Access Control System Security Vulnerabilities and Issues — Secure Access Control System CVE List

Lucene search

CiscoSecure Access Control System

5 matches found

CVE•added 2013/07/12 9:55 p.m.•41 views

CVE-2013-3422

Cross-site scripting (XSS) vulnerability in Administration pages in Cisco Secure Access Control System (ACS) allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCud75165.

4.3CVSS5.8AI score0.00263EPSS

CVE•added 2013/07/15 3:55 p.m.•39 views

CVE-2013-3428

The web interface in Cisco Secure Access Control System (ACS) does not properly suppress error-condition details, which allows remote authenticated users to obtain sensitive information via an unspecified request that triggers an error, aka Bug ID CSCue65957.

4CVSS5.9AI score0.00162EPSS

CVE•added 2013/07/12 9:55 p.m.•38 views

CVE-2013-3423

Cross-site scripting (XSS) vulnerability in the web interface in Cisco Secure Access Control System (ACS) allows remote attackers to inject arbitrary web script or HTML via an unspecified field, aka Bug ID CSCud75174.

4.3CVSS5.8AI score0.00263EPSS

CVE•added 2013/07/12 9:55 p.m.•35 views

CVE-2013-3424

Cross-site request forgery (CSRF) vulnerability in Administration and View pages in Cisco Secure Access Control System (ACS) allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCud75177.

6.8CVSS7.3AI score0.00116EPSS

CVE•added 2013/07/12 9:55 p.m.•34 views

CVE-2013-3421

Cross-site scripting (XSS) vulnerability in the Help index page in Cisco Secure Access Control System (ACS) allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCud75170.

4.3CVSS5.8AI score0.00263EPSS