Lucene search
K
CiscoSecure Acs Solution Engine

4 matches found

CVE
CVE
added 2005/02/13 5:0 a.m.57 views

CVE-2004-1460

CVE-2004-1460 affects Cisco Secure Access Control Server (ACS) 3.2(3) and earlier. When configured with an anonymous bind in Novell Directory Services (NDS), and authenticating NDS users with NDS, remote attackers can gain unauthorized access to AAA clients by using a blank password. The NVD note...

7.5CVSS6.8AI score0.01572EPSS
CVE
CVE
added 2004/12/01 5:0 a.m.51 views

CVE-2004-1099

Cisco Secure Access Control Server for Windows (ACS Windows) and Cisco Secure Access Control Server Solution Engine (ACS Solution Engine) 3.3.1 are affected when EAP-TLS is enabled. They do not properly handle expired or untrusted certificates, allowing remote attackers to bypass authentication a...

10CVSS7.1AI score0.10195EPSS
CVE
CVE
added 2005/02/13 5:0 a.m.51 views

CVE-2004-1458

The CVE-2004-1458 entry concerns Cisco Secure Access Control Server (ACS) 3.2(2) build 15, specifically the CSAdmin web administration interface. The vulnerability allows remote attackers to cause a denial of service (hang) by flooding port 2002 with TCP connections. The available documents confi...

5CVSS6.7AI score0.01798EPSS
CVE
CVE
added 2005/02/13 5:0 a.m.48 views

CVE-2004-1461

Cisco Secure Access Control Server (ACS) 3.2(3) and earlier is vulnerable to an authentication bypass: during GUI login a separate unauthenticated TCP connection is spawned on a random port, and an attacker on the same IP can connect to that port to bypass authentication. This issue is documented...

7.5CVSS7AI score0.01679EPSS