This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Summuary
CPE Namecpe:/a:cisco:secure_access_control_server
Detail
VendorCiscoFirst view 2000-12-11
ProductSecure Access Control ServerLast view2015-10-30
VersionTypeApplication
Edition 
Language 
Update 

Activity : Overall

COMMON PLATFORM ENUMERATION : Repartition per Version

CPE NameAffected CVE
cpe:/a:cisco:secure_access_control_server:3.012
cpe:/a:cisco:secure_access_control_server:3.3(1)9
cpe:/a:cisco:secure_access_control_server:3.18
cpe:/a:cisco:secure_access_control_server:3.28
cpe:/a:cisco:secure_access_control_server:3.2::windows_server8
Hide | Show 45 More...
CPE NameAffected CVE
cpe:/a:cisco:secure_access_control_server:3.2(1)8
cpe:/a:cisco:secure_access_control_server:3.2(2)8
cpe:/a:cisco:secure_access_control_server:3.2(3)8
cpe:/a:cisco:secure_access_control_server:3.38
cpe:/a:cisco:secure_access_control_server:2.1::windows_nt7
cpe:/a:cisco:secure_access_control_server:3.0.16
cpe:/a:cisco:secure_access_control_server:3.0.1::windows_nt6
cpe:/a:cisco:secure_access_control_server:3.3.16
cpe:/a:cisco:secure_access_control_server:2.3::unix5
cpe:/a:cisco:secure_access_control_server:2.3(3)::windows_nt5
cpe:/a:cisco:secure_access_control_server:2.4(2)::windows_nt5
cpe:/a:cisco:secure_access_control_server:2.65
cpe:/a:cisco:secure_access_control_server:2.6.25
cpe:/a:cisco:secure_access_control_server:2.6.35
cpe:/a:cisco:secure_access_control_server:2.6.3::windows_nt5
cpe:/a:cisco:secure_access_control_server:2.6.45
cpe:/a:cisco:secure_access_control_server:3.0::windows_nt5
cpe:/a:cisco:secure_access_control_server:3.0.3::windows_nt5
cpe:/a:cisco:secure_access_control_server:3.1.1::windows_nt5
cpe:/a:cisco:secure_access_control_server:3.2.15
cpe:/a:cisco:secure_access_control_server:3.2.25
cpe:/a:cisco:secure_access_control_server:3.2(1.20)5
cpe:/a:cisco:secure_access_control_server:3.3.25
cpe:/a:cisco:secure_access_control_server:5.7.0.155
cpe:/a:cisco:secure_access_control_server:2.0::unix4
cpe:/a:cisco:secure_access_control_server:2.3::windows_nt4
cpe:/a:cisco:secure_access_control_server:2.3.5.1::unix4
cpe:/a:cisco:secure_access_control_server:2.3.6.1::unix4
cpe:/a:cisco:secure_access_control_server:2.4::windows_nt4
cpe:/a:cisco:secure_access_control_server:2.42::windows_nt4
cpe:/a:cisco:secure_access_control_server:2.5::windows_nt4
cpe:/a:cisco:secure_access_control_server:2.6::windows_nt4
cpe:/a:cisco:secure_access_control_server:2.6.2::windows_nt4
cpe:/a:cisco:secure_access_control_server:2.6.4::windows_nt4
cpe:/a:cisco:secure_access_control_server3
cpe:/a:cisco:secure_access_control_server:-3
cpe:/a:cisco:secure_access_control_server:2.13
cpe:/a:cisco:secure_access_control_server:2.33
cpe:/a:cisco:secure_access_control_server:2.43
cpe:/a:cisco:secure_access_control_server:2.53
cpe:/a:cisco:secure_access_control_server:3.0.33
cpe:/a:cisco:secure_access_control_server:3.1::windows_nt3
cpe:/a:cisco:secure_access_control_server:3.1.13
cpe:/a:cisco:secure_access_control_server:3.2::windows_nt3
cpe:/a:cisco:secure_access_control_server:3.2(2)_build_153

Related : CVE

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
 DateAlertAccess VectorAccess ComplexityAuthentication
4.32015-10-30CVE-2015-6349NetworkMediumNone Requ...
42015-10-30CVE-2015-6348NetworkLowRequires ...
42015-10-30CVE-2015-6347NetworkLowRequires ...
4.32015-10-30CVE-2015-6346NetworkMediumNone Requ...
6.52015-10-30CVE-2015-6345NetworkLowRequires ...
Hide | Show 20 More...
 DateAlertAccess VectorAccess ComplexityAuthentication
52015-05-21CVE-2015-0746NetworkLowNone Requ...
4.32015-05-16CVE-2015-0729NetworkMediumNone Requ...
9.32013-08-29CVE-2013-3466NetworkMediumNone Requ...
42013-06-11CVE-2013-3380NetworkLowRequires ...
52012-11-07CVE-2012-5424NetworkLowNone Requ...
7.52007-01-08CVE-2007-0105NetworkLowNone Requ...
102006-12-31CVE-2006-4098NetworkLowNone Requ...
7.82006-12-31CVE-2006-4097NetworkLowNone Requ...
7.52006-06-26CVE-2006-3226NetworkLowNone Requ...
4.32006-06-20CVE-2006-3101NetworkMediumNone Requ...
7.22006-05-09CVE-2006-0561LocalLowNone Requ...
7.52005-12-22CVE-2005-4499NetworkLowNone Requ...
52005-05-31CVE-2005-0356NetworkLowNone Requ...
102005-01-10CVE-2004-1099NetworkLowNone Requ...
7.52004-12-31CVE-2004-1461NetworkLowNone Requ...
7.52004-12-31CVE-2004-1460NetworkLowNone Requ...
52004-12-31CVE-2004-1458NetworkLowNone Requ...
7.52003-05-12CVE-2003-0210NetworkLowNone Requ...
52002-10-04CVE-2002-1095NetworkLowNone Requ...

CWE : Common Weakness Enumeration

%idName
27% (3)CWE-79Failure to Preserve Web Page Structure ('Cross-site Scripting')
18% (2)CWE-264Permissions, Privileges, and Access Controls
9% (1)CWE-287Improper Authentication
9% (1)CWE-254Security Features
9% (1)CWE-200Information Exposure
Hide | Show 3 More...
%idName
9% (1)CWE-134Uncontrolled Format String
9% (1)CWE-89Improper Sanitization of Special Elements used in an SQL Command ('...
9% (1)CWE-20Improper Input Validation

CAPEC : Common Attack Pattern Enumeration & Classification

idName
CAPEC-18Embedding Scripts in Nonscript Elements

Open Source Vulnerability Database (OSVDB)

idDescription
36126Cisco Secure Access Control Server (ACS) CSRadius Service Crafted RADIUS Acco...
36125Cisco Secure Access Control Server (ACS) CSRadius Service Crafted RADIUS Acce...
32642Cisco Secure ACS Crafted HTTP GET Request Remote Overflow
26825Cisco Secure Access Control Server (ACS) Session Management Authentication By...
26531Cisco Secure ACS for Unix LogonProxy.cgi Multiple Parameter XSS
Hide | Show 16 More...
idDescription
25892Cisco Secure ACS Registry Cleartext Authentication Credential Disclosure
22193Cisco Secure Access Control Server (ACS) RAS/NAS Downloadable IP ACL Disclosure
16685Multiple Vendor Malformed TCP Timestamp DoS
11379Cisco Secure Access Control Server EAP-TLS Authentication Bypass
9185Cisco Secure Access Control Server ACS GUI IP Spoofing Authentication Bypass
9184Cisco Secure Access Control Server NDS Database Blank Password Authentication
9182Cisco Secure Access Control Server CSAdmin Connection Saturation DoS
8910Cisco VPN 3000 Concentrator PPTP No Encryption Option Remote DoS
7198CiscoSecure ACS Server CSAdmin Module Large Packet Overflow
5352CiscoSecure ACS Arbitrary File Access
5340CiscoSecure ACS NDSAuth.DLL NDS Authentication Failure
5049CiscoSecure ACS setup.exe action Parameter XSS
2062CiscoSecure ACS For Windows Format String Overflow
1570CiscoSecure ACS LDAP Null Password Authentication Bypass
1569CiscoSecure ACS Oversized TACACS+ Packet DoS
1568CiscoSecure ACS for Windows CSAdmin Login Overflow DoS

OpenVAS Exploits

idDescription
2008-09-04Name : FreeBSD Security Advisory (FreeBSD-SA-05:15.tcp.asc)
File : nvt/freebsdsa_tcp1.nasl
2005-11-03Name : CISCO Secure ACS Management Interface Login Overflow
File : nvt/cisco_acs_web_overflow.nasl

Information Assurance Vulnerability Management (IAVM)

idDescription
2013-A-0167Cisco Secure Access Control Server Remote Code Execution Vulnerability
Severity : Category I - VMSKEY : V0040212
2012-B-0113Cisco Secure Access Control System (ACS) Authentication Bypass Vulnerability
Severity : Category I - VMSKEY : V0034958

Nessus® Vulnerability Scanner

idDescription
2014-10-10Name : The remote device is missing a vendor-supplied security patch.
File : f5_bigip_SOL4743.nasl - Type : ACT_GATHER_INFO
2013-09-17Name : The remote Windows host has an access control application installed that is a...
File : cisco_secure_acs_for_windows_sa20130828.nasl - Type : ACT_GATHER_INFO
2013-07-30Name : The remote host is missing a vendor-supplied security patch.
File : cisco-sa-20121107-acs.nasl - Type : ACT_GATHER_INFO
2003-04-30Name : Arbitrary code may be executed on the remote host.
File : cisco_acs_web_overflow.nasl - Type : ACT_DESTRUCTIVE_ATTACK
2003-03-01Name : The remote device is missing a vendor-supplied security patch.
File : CSCdt56514.nasl - Type : ACT_GATHER_INFO
Hide | Show 1 More...
idDescription
2003-03-01Name : The remote device is missing a vendor-supplied security patch.
File : CSCdx39981.nasl - Type : ACT_GATHER_INFO