This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Summuary
CPE Namecpe:/a:cisco:secure_access_control_server
Detail
VendorCiscoFirst view 2000-12-11
ProductSecure Access Control ServerLast view 2013-08-29
VersionTypeApplication
Edition 
Language 
Update 

Activity : Overall

COMMON PLATFORM ENUMERATION : Repartition per Version

CPE NameAffected CVE
cpe:/a:cisco:secure_access_control_server:5.31
cpe:/a:cisco:secure_access_control_server:5.21
cpe:/h:cisco:secure_access_control_server:5.22
cpe:/a:cisco:secure_access_control_server:5.11
cpe:/a:cisco:secure_access_control_server:5.01
Hide | Show 66 More...
CPE NameAffected CVE
cpe:/a:cisco:secure_access_control_server:4.2.1.15.91
cpe:/a:cisco:secure_access_control_server:4.2.1.15.81
cpe:/a:cisco:secure_access_control_server:4.2.1.15.71
cpe:/a:cisco:secure_access_control_server:4.2.1.15.61
cpe:/a:cisco:secure_access_control_server:4.2.1.15.41
cpe:/a:cisco:secure_access_control_server:4.2.1.15.31
cpe:/a:cisco:secure_access_control_server:4.2.1.15.21
cpe:/a:cisco:secure_access_control_server:4.2.1.15.101
cpe:/a:cisco:secure_access_control_server:4.2.1.15.11
cpe:/a:cisco:secure_access_control_server:4.2.1.15.01
cpe:/a:cisco:secure_access_control_server:4.1::windows1
cpe:/a:cisco:secure_access_control_server:4.0.12
cpe:/a:cisco:secure_access_control_server:4.0.1::windows1
cpe:/a:cisco:secure_access_control_server:4.01
cpe:/a:cisco:secure_access_control_server:4.0::windows1
cpe:/a:cisco:secure_access_control_server:3.3.23
cpe:/a:cisco:secure_access_control_server:3.3.14
cpe:/a:cisco:secure_access_control_server:3.3(1)7
cpe:/a:cisco:secure_access_control_server:3.36
cpe:/a:cisco:secure_access_control_server:3.3::windows_nt1
cpe:/a:cisco:secure_access_control_server:3.2.23
cpe:/a:cisco:secure_access_control_server:3.2.13
cpe:/a:cisco:secure_access_control_server:3.2(3)6
cpe:/a:cisco:secure_access_control_server:3.2(2)_build_151
cpe:/a:cisco:secure_access_control_server:3.2(2)6
cpe:/a:cisco:secure_access_control_server:3.2(1.20)3
cpe:/a:cisco:secure_access_control_server:3.2(1)6
cpe:/a:cisco:secure_access_control_server:3.2::windows_nt1
cpe:/a:cisco:secure_access_control_server:3.2::windows_server6
cpe:/a:cisco:secure_access_control_server:3.26
cpe:/a:cisco:secure_access_control_server:3.1.11
cpe:/a:cisco:secure_access_control_server:3.1.1::windows_nt3
cpe:/a:cisco:secure_access_control_server:3.16
cpe:/a:cisco:secure_access_control_server:3.1::windows_nt1
cpe:/a:cisco:secure_access_control_server:3.0.31
cpe:/a:cisco:secure_access_control_server:3.0.3::windows_nt3
cpe:/a:cisco:secure_access_control_server:3.0.14
cpe:/a:cisco:secure_access_control_server:3.0.1::windows_nt4
cpe:/a:cisco:secure_access_control_server:3.0::windows_nt3
cpe:/a:cisco:secure_access_control_server:3.010
cpe:/a:cisco:secure_access_control_server:2.6.43
cpe:/a:cisco:secure_access_control_server:2.6.4::windows_nt2
cpe:/a:cisco:secure_access_control_server:2.6.33
cpe:/a:cisco:secure_access_control_server:2.6.3::windows_nt3
cpe:/a:cisco:secure_access_control_server:2.6.23
cpe:/a:cisco:secure_access_control_server:2.6.2::windows_nt2
cpe:/a:cisco:secure_access_control_server:2.6::windows_nt2
cpe:/a:cisco:secure_access_control_server:2.63
cpe:/a:cisco:secure_access_control_server:2.51
cpe:/a:cisco:secure_access_control_server:2.5::windows_nt2
cpe:/a:cisco:secure_access_control_server:2.42::windows_nt2
cpe:/a:cisco:secure_access_control_server:2.4(2)::windows_nt3
cpe:/a:cisco:secure_access_control_server:2.41
cpe:/a:cisco:secure_access_control_server:2.4::windows_nt2
cpe:/a:cisco:secure_access_control_server:2.3.6.1::unix2
cpe:/a:cisco:secure_access_control_server:2.3.5.1::unix2
cpe:/a:cisco:secure_access_control_server:2.3(3)::windows_nt3
cpe:/a:cisco:secure_access_control_server:2.3::unix3
cpe:/a:cisco:secure_access_control_server:2.3::windows_nt2
cpe:/a:cisco:secure_access_control_server:2.31
cpe:/a:cisco:secure_access_control_server:2.11
cpe:/a:cisco:secure_access_control_server:2.1::windows_nt5
cpe:/a:cisco:secure_access_control_server:2.0::unix2
cpe:/a:cisco:secure_access_control_server:-1
cpe:/a:cisco:secure_access_control_server1
cpe:/h:cisco:secure_access_control_server1

Related : CVE

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
 DateAlertAccess VectorAccess ComplexityAuthentication
9.3 2013-08-29 CVE-2013-3466 Network Medium None Requ...
4 2013-06-11 CVE-2013-3380 Network Low Requires ...
5 2012-11-07 CVE-2012-5424 Network Low None Requ...
4.3 2012-05-02 CVE-2011-3317 Network Medium None Requ...
6.8 2012-05-02 CVE-2011-3293 Network Medium None Requ...
Hide | Show 20 More...
 DateAlertAccess VectorAccess ComplexityAuthentication
7.5 2008-09-04 CVE-2008-2441 Network Low None Requ...
7.5 2007-01-08 CVE-2007-0105 Network Low None Requ...
10 2006-12-31 CVE-2006-4098 Network Low None Requ...
7.8 2006-12-31 CVE-2006-4097 Network Low None Requ...
7.5 2006-06-26 CVE-2006-3226 Network Low None Requ...
4.3 2006-06-20 CVE-2006-3101 Network Medium None Requ...
7.2 2006-05-09 CVE-2006-0561 Local Low None Requ...
7.5 2005-12-22 CVE-2005-4499 Network Low None Requ...
5 2005-05-31 CVE-2005-0356 Network Low None Requ...
10 2005-01-10 CVE-2004-1099 Network Low None Requ...
7.5 2004-12-31 CVE-2004-1461 Network Low None Requ...
7.5 2004-12-31 CVE-2004-1460 Network Low None Requ...
5 2004-12-31 CVE-2004-1458 Network Low None Requ...
7.5 2003-05-12 CVE-2003-0210 Network Low None Requ...
5 2002-10-04 CVE-2002-1095 Network Low None Requ...
7.5 2002-10-04 CVE-2002-0938 Network Low None Requ...
7.5 2002-05-29 CVE-2002-0241 Network Low None Requ...
5 2002-04-22 CVE-2002-0160 Network Low None Requ...
7.5 2002-04-22 CVE-2002-0159 Network Low None Requ...

CWE : Common Weakness Enumeration

%idName
14% (1)CWE-399Resource Management Errors
14% (1)CWE-352Cross-Site Request Forgery (CSRF)
14% (1)CWE-287Improper Authentication
14% (1)CWE-200Information Exposure
14% (1)CWE-134Uncontrolled Format String
Hide | Show 2 More...
%idName
14% (1)CWE-79Failure to Preserve Web Page Structure ('Cross-site Scripting')
14% (1)CWE-20Improper Input Validation

CAPEC : Common Attack Pattern Enumeration & Classification

idName
CAPEC-18Embedding Scripts in Nonscript Elements

Open Source Vulnerability Database (OSVDB)

idDescription
47917Cisco Secure ACS Crafted RADIUS EAP Packet Remote DoS
36126Cisco Secure Access Control Server (ACS) CSRadius Service Crafted RADIUS Acco...
36125Cisco Secure Access Control Server (ACS) CSRadius Service Crafted RADIUS Acce...
32642Cisco Secure ACS Crafted HTTP GET Request Remote Overflow
26825Cisco Secure Access Control Server (ACS) Session Management Authentication By...
Hide | Show 17 More...
idDescription
26531Cisco Secure ACS for Unix LogonProxy.cgi Multiple Parameter XSS
25892Cisco Secure ACS Registry Cleartext Authentication Credential Disclosure
22193Cisco Secure Access Control Server (ACS) RAS/NAS Downloadable IP ACL Disclosure
16685Multiple Vendor Malformed TCP Timestamp DoS
11379Cisco Secure Access Control Server EAP-TLS Authentication Bypass
9185Cisco Secure Access Control Server ACS GUI IP Spoofing Authentication Bypass
9184Cisco Secure Access Control Server NDS Database Blank Password Authentication
9182Cisco Secure Access Control Server CSAdmin Connection Saturation DoS
8910Cisco VPN 3000 Concentrator PPTP No Encryption Option Remote DoS
7198CiscoSecure ACS Server CSAdmin Module Large Packet Overflow
5352CiscoSecure ACS Arbitrary File Access
5340CiscoSecure ACS NDSAuth.DLL NDS Authentication Failure
5049CiscoSecure ACS setup.exe action Parameter XSS
2062CiscoSecure ACS For Windows Format String Overflow
1570CiscoSecure ACS LDAP Null Password Authentication Bypass
1569CiscoSecure ACS Oversized TACACS+ Packet DoS
1568CiscoSecure ACS for Windows CSAdmin Login Overflow DoS

OpenVAS Exploits

idDescription
2008-09-04Name : FreeBSD Security Advisory (FreeBSD-SA-05:15.tcp.asc)
File : nvt/freebsdsa_tcp1.nasl
2005-11-03Name : CISCO Secure ACS Management Interface Login Overflow
File : nvt/cisco_acs_web_overflow.nasl

Information Assurance Vulnerability Management (IAVM)

idDescription
2013-A-0167Cisco Secure Access Control Server Remote Code Execution Vulnerability
Severity : Category I - VMSKEY : V0040212
2012-B-0113Cisco Secure Access Control System (ACS) Authentication Bypass Vulnerability
Severity : Category I - VMSKEY : V0034958

Nessus® Vulnerability Scanner

idDescription
2013-09-17Name : The remote Windows host has an access control application installed that is a...
File : cisco_secure_acs_for_windows_sa20130828.nasl - Type : ACT_GATHER_INFO
2013-07-30Name : The remote host is missing a vendor-supplied security patch.
File : cisco-sa-20121107-acs.nasl - Type : ACT_GATHER_INFO
2013-07-30Name : The remote host is missing a vendor-supplied security patch.
File : cisco-sr-20080903-csacs.nasl - Type : ACT_GATHER_INFO
2003-04-30Name : Arbitrary code may be executed on the remote host.
File : cisco_acs_web_overflow.nasl - Type : ACT_DESTRUCTIVE_ATTACK
2003-03-01Name : The remote device is missing a vendor-supplied security patch.
File : CSCdt56514.nasl - Type : ACT_GATHER_INFO
Hide | Show 1 More...
idDescription
2003-03-01Name : The remote device is missing a vendor-supplied security patch.
File : CSCdx39981.nasl - Type : ACT_GATHER_INFO