This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Summuary
CPE Namecpe:/a:cisco:secure_access_control_server
Detail
VendorCiscoFirst view 2000-12-11
ProductSecure Access Control ServerLast view2015-10-30
VersionTypeApplication
Edition 
Language 
Update 

Activity : Overall

COMMON PLATFORM ENUMERATION : Repartition per Version

CPE NameAffected CVE
cpe:/a:cisco:secure_access_control_server:3.0:-:windows14
cpe:/a:cisco:secure_access_control_server:3.3(1):-:windows11
cpe:/a:cisco:secure_access_control_server:3.1:-:windows10
cpe:/a:cisco:secure_access_control_server:3.2:-:windows10
cpe:/a:cisco:secure_access_control_server:3.2::windows_server10
Hide | Show 45 More...
CPE NameAffected CVE
cpe:/a:cisco:secure_access_control_server:3.2(1):-:windows10
cpe:/a:cisco:secure_access_control_server:3.2(2):-:windows10
cpe:/a:cisco:secure_access_control_server:3.2(3):-:windows10
cpe:/a:cisco:secure_access_control_server:3.3:-:windows10
cpe:/a:cisco:secure_access_control_server:2.1::windows_nt8
cpe:/a:cisco:secure_access_control_server:3.0.1:-:windows7
cpe:/a:cisco:secure_access_control_server:3.0.1::windows_nt7
cpe:/a:cisco:secure_access_control_server:3.3.1:-:windows7
cpe:/a:cisco:secure_access_control_server:2.3::unix6
cpe:/a:cisco:secure_access_control_server:2.3(3)::windows_nt6
cpe:/a:cisco:secure_access_control_server:2.4(2)::windows_nt6
cpe:/a:cisco:secure_access_control_server:2.6:-:windows6
cpe:/a:cisco:secure_access_control_server:2.6.2:-:windows6
cpe:/a:cisco:secure_access_control_server:2.6.3:-:windows6
cpe:/a:cisco:secure_access_control_server:2.6.3::windows_nt6
cpe:/a:cisco:secure_access_control_server:2.6.4:-:windows6
cpe:/a:cisco:secure_access_control_server:3.0::windows_nt6
cpe:/a:cisco:secure_access_control_server:3.0.3::windows_nt6
cpe:/a:cisco:secure_access_control_server:3.1.1::windows_nt6
cpe:/a:cisco:secure_access_control_server:3.2.1:-:windows6
cpe:/a:cisco:secure_access_control_server:3.2.2:-:windows6
cpe:/a:cisco:secure_access_control_server:3.2(1.20):-:windows6
cpe:/a:cisco:secure_access_control_server:3.3.2:-:windows6
cpe:/a:cisco:secure_access_control_server:5.7.0.156
cpe:/a:cisco:secure_access_control_server:2.0::unix5
cpe:/a:cisco:secure_access_control_server:2.3::windows_nt5
cpe:/a:cisco:secure_access_control_server:2.3.5.1::unix5
cpe:/a:cisco:secure_access_control_server:2.3.6.1::unix5
cpe:/a:cisco:secure_access_control_server:2.4::windows_nt5
cpe:/a:cisco:secure_access_control_server:2.42::windows_nt5
cpe:/a:cisco:secure_access_control_server:2.5::windows_nt5
cpe:/a:cisco:secure_access_control_server:2.6::windows_nt5
cpe:/a:cisco:secure_access_control_server:2.6.2::windows_nt5
cpe:/a:cisco:secure_access_control_server:2.6.4::windows_nt5
cpe:/a:cisco:secure_access_control_server:-4
cpe:/a:cisco:secure_access_control_server:2.1:-:windows4
cpe:/a:cisco:secure_access_control_server:2.3:-:windows4
cpe:/a:cisco:secure_access_control_server:2.4:-:windows4
cpe:/a:cisco:secure_access_control_server:2.5:-:windows-nt4
cpe:/a:cisco:secure_access_control_server:3.0.3:-:windows4
cpe:/a:cisco:secure_access_control_server:3.1::windows_nt4
cpe:/a:cisco:secure_access_control_server:3.1.1:-:windows4
cpe:/a:cisco:secure_access_control_server:3.2::windows_nt4
cpe:/a:cisco:secure_access_control_server:3.2(2):build15:windows4
cpe:/a:cisco:secure_access_control_server:3.3::windows_nt4

Related : CVE

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
 DateAlertAccess VectorAccess ComplexityAuthentication
4.32015-10-30CVE-2015-6349NetworkMediumNone Requ...
42015-10-30CVE-2015-6348NetworkLowRequires ...
42015-10-30CVE-2015-6347NetworkLowRequires ...
4.32015-10-30CVE-2015-6346NetworkMediumNone Requ...
6.52015-10-30CVE-2015-6345NetworkLowRequires ...
Hide | Show 20 More...
 DateAlertAccess VectorAccess ComplexityAuthentication
42015-09-20CVE-2015-6300NetworkLowRequires ...
52015-05-21CVE-2015-0746NetworkLowNone Requ...
4.32015-05-16CVE-2015-0729NetworkMediumNone Requ...
9.32013-08-29CVE-2013-3466NetworkMediumNone Requ...
42013-06-11CVE-2013-3380NetworkLowRequires ...
52012-11-07CVE-2012-5424NetworkLowNone Requ...
7.52007-01-08CVE-2007-0105NetworkLowNone Requ...
102006-12-31CVE-2006-4098NetworkLowNone Requ...
7.82006-12-31CVE-2006-4097NetworkLowNone Requ...
7.52006-06-26CVE-2006-3226NetworkLowNone Requ...
4.32006-06-20CVE-2006-3101NetworkMediumNone Requ...
7.22006-05-09CVE-2006-0561LocalLowNone Requ...
7.52005-12-22CVE-2005-4499NetworkLowNone Requ...
52005-05-31CVE-2005-0356NetworkLowNone Requ...
102005-01-10CVE-2004-1099NetworkLowNone Requ...
7.52004-12-31CVE-2004-1461NetworkLowNone Requ...
7.52004-12-31CVE-2004-1460NetworkLowNone Requ...
52004-12-31CVE-2004-1459NetworkLowNone Requ...
52004-12-31CVE-2004-1458NetworkLowNone Requ...

CWE : Common Weakness Enumeration

%idName
25% (3)CWE-79Failure to Preserve Web Page Structure ('Cross-site Scripting')
16% (2)CWE-264Permissions, Privileges, and Access Controls
16% (2)CWE-20Improper Input Validation
8% (1)CWE-287Improper Authentication
8% (1)CWE-254Security Features
Hide | Show 3 More...
%idName
8% (1)CWE-200Information Exposure
8% (1)CWE-134Uncontrolled Format String
8% (1)CWE-89Improper Sanitization of Special Elements used in an SQL Command ('...

CAPEC : Common Attack Pattern Enumeration & Classification

idName
CAPEC-18Embedding Scripts in Nonscript Elements

Open Source Vulnerability Database (OSVDB)

idDescription
36126Cisco Secure Access Control Server (ACS) CSRadius Service Crafted RADIUS Acco...
36125Cisco Secure Access Control Server (ACS) CSRadius Service Crafted RADIUS Acce...
32642Cisco Secure ACS Crafted HTTP GET Request Remote Overflow
26825Cisco Secure Access Control Server (ACS) Session Management Authentication By...
26531Cisco Secure ACS for Unix LogonProxy.cgi Multiple Parameter XSS
Hide | Show 17 More...
idDescription
25892Cisco Secure ACS Registry Cleartext Authentication Credential Disclosure
22193Cisco Secure Access Control Server (ACS) RAS/NAS Downloadable IP ACL Disclosure
16685Multiple Vendor Malformed TCP Timestamp DoS
11379Cisco Secure Access Control Server EAP-TLS Authentication Bypass
9185Cisco Secure Access Control Server ACS GUI IP Spoofing Authentication Bypass
9184Cisco Secure Access Control Server NDS Database Blank Password Authentication
9183Cisco Secure Access Control Server LEAP Proxy Forwarding DoS
9182Cisco Secure Access Control Server CSAdmin Connection Saturation DoS
8910Cisco VPN 3000 Concentrator PPTP No Encryption Option Remote DoS
7198CiscoSecure ACS Server CSAdmin Module Large Packet Overflow
5352CiscoSecure ACS Arbitrary File Access
5340CiscoSecure ACS NDSAuth.DLL NDS Authentication Failure
5049CiscoSecure ACS setup.exe action Parameter XSS
2062CiscoSecure ACS For Windows Format String Overflow
1570CiscoSecure ACS LDAP Null Password Authentication Bypass
1569CiscoSecure ACS Oversized TACACS+ Packet DoS
1568CiscoSecure ACS for Windows CSAdmin Login Overflow DoS

OpenVAS Exploits

idDescription
2008-09-04Name : FreeBSD Security Advisory (FreeBSD-SA-05:15.tcp.asc)
File : nvt/freebsdsa_tcp1.nasl
2005-11-03Name : CISCO Secure ACS Management Interface Login Overflow
File : nvt/cisco_acs_web_overflow.nasl

Information Assurance Vulnerability Management (IAVM)

idDescription
2013-A-0167Cisco Secure Access Control Server Remote Code Execution Vulnerability
Severity : Category I - VMSKEY : V0040212
2012-B-0113Cisco Secure Access Control System (ACS) Authentication Bypass Vulnerability
Severity : Category I - VMSKEY : V0034958

Nessus® Vulnerability Scanner

idDescription
2014-10-10Name : The remote device is missing a vendor-supplied security patch.
File : f5_bigip_SOL4743.nasl - Type : ACT_GATHER_INFO
2013-09-17Name : The remote Windows host has an access control application installed that is a...
File : cisco_secure_acs_for_windows_sa20130828.nasl - Type : ACT_GATHER_INFO
2013-07-30Name : The remote host is missing a vendor-supplied security patch.
File : cisco-sa-20121107-acs.nasl - Type : ACT_GATHER_INFO
2003-04-30Name : Arbitrary code may be executed on the remote host.
File : cisco_acs_web_overflow.nasl - Type : ACT_DESTRUCTIVE_ATTACK
2003-03-01Name : The remote device is missing a vendor-supplied security patch.
File : CSCdt56514.nasl - Type : ACT_GATHER_INFO
Hide | Show 1 More...
idDescription
2003-03-01Name : The remote device is missing a vendor-supplied security patch.
File : CSCdx39981.nasl - Type : ACT_GATHER_INFO