This CPE summary could be partial or incomplete. Please contact us for a detailed listing.
Summary
| Summuary | |
|---|---|
| CPE Name | cpe:/a:cisco:secure_access_control_server |
| Detail | |||
|---|---|---|---|
| Vendor | Cisco | First view | 2000-12-11 |
| Product | Secure Access Control Server | Last view | 2012-11-07 |
| Version | Type | Application | |
| Edition | |||
| Language | |||
| Update | |||
Activity : Yearly
COMMON PLATFORM ENUMERATION : Repartition per Version
Related : CVE
| Date | Alert | Access Vector | Access Complexity | Authentification | ||
|---|---|---|---|---|---|---|
| 5 | 2012-11-07 | CVE-2012-5424 | Network | Low | None Requ... | |
| 4.3 | 2012-05-02 | CVE-2011-3317 | Network | Medium | None Requ... | |
| 6.8 | 2012-05-02 | CVE-2011-3293 | Network | Medium | None Requ... | |
| 7.5 | 2008-09-04 | CVE-2008-2441 | Network | Low | None Requ... | |
| 7.5 | 2007-01-08 | CVE-2007-0105 | Network | Low | None Requ... | |
| Date | Alert | Access Vector | Access Complexity | Authentification | ||
|---|---|---|---|---|---|---|
| 10 | 2006-12-31 | CVE-2006-4098 | Network | Low | None Requ... | |
| 7.8 | 2006-12-31 | CVE-2006-4097 | Network | Low | None Requ... | |
| 7.5 | 2006-06-26 | CVE-2006-3226 | Network | Low | None Requ... | |
| 4.3 | 2006-06-20 | CVE-2006-3101 | Network | Medium | None Requ... | |
| 7.2 | 2006-05-09 | CVE-2006-0561 | Local | Low | None Requ... | |
| 7.5 | 2005-12-22 | CVE-2005-4499 | Network | Low | None Requ... | |
| 5 | 2005-05-31 | CVE-2005-0356 | Network | Low | None Requ... | |
| 10 | 2005-01-10 | CVE-2004-1099 | Network | Low | None Requ... | |
| 7.5 | 2004-12-31 | CVE-2004-1461 | Network | Low | None Requ... | |
| 7.5 | 2004-12-31 | CVE-2004-1460 | Network | Low | None Requ... | |
| 5 | 2004-12-31 | CVE-2004-1458 | Network | Low | None Requ... | |
| 7.5 | 2003-05-12 | CVE-2003-0210 | Network | Low | None Requ... | |
| 5 | 2002-10-04 | CVE-2002-1095 | Network | Low | None Requ... | |
| 7.5 | 2002-10-04 | CVE-2002-0938 | Network | Low | None Requ... | |
| 7.5 | 2002-05-29 | CVE-2002-0241 | Network | Low | None Requ... | |
| 5 | 2002-04-22 | CVE-2002-0160 | Network | Low | None Requ... | |
| 7.5 | 2002-04-22 | CVE-2002-0159 | Network | Low | None Requ... | |
| 7.5 | 2000-12-11 | CVE-2000-1056 | Network | Low | None Requ... | |
| 10 | 2000-12-11 | CVE-2000-1055 | Network | Low | None Requ... |
CWE : Common Weakness Enumeration
| % | id | Name |
|---|---|---|
| 20% (1) | CWE-399 | Resource Management Errors |
| 20% (1) | CWE-352 | Cross-Site Request Forgery (CSRF) |
| 20% (1) | CWE-134 | Uncontrolled Format String |
| 20% (1) | CWE-79 | Failure to Preserve Web Page Structure ('Cross-site Scripting') |
| 20% (1) | CWE-20 | Improper Input Validation |
CAPEC : Common Attack Pattern Enumeration & Classificatio
| id | Name |
|---|---|
| CAPEC-18 | Embedding Scripts in Nonscript Elements |
Open Source Vulnerability Database (OSVDB)
| id | Description |
|---|---|
| 47917 | Cisco Secure ACS Crafted RADIUS EAP Packet Remote DoS |
| 36126 | Cisco Secure Access Control Server (ACS) CSRadius Service Crafted RADIUS Acco... |
| 36125 | Cisco Secure Access Control Server (ACS) CSRadius Service Crafted RADIUS Acce... |
| 32642 | Cisco Secure ACS Crafted HTTP GET Request Remote Overflow |
| 26825 | Cisco Secure Access Control Server (ACS) Session Management Authentication By... |
| id | Description |
|---|---|
| 26531 | Cisco Secure ACS for Unix LogonProxy.cgi Multiple Parameter XSS |
| 25892 | Cisco Secure ACS Registry Cleartext Authentication Credential Disclosure |
| 22193 | Cisco Secure Access Control Server (ACS) RAS/NAS Downloadable IP ACL Disclosure |
| 16685 | Multiple Vendor Malformed TCP Timestamp DoS |
| 11379 | Cisco Secure Access Control Server EAP-TLS Authentication Bypass |
| 9185 | Cisco Secure Access Control Server ACS GUI IP Spoofing Authentication Bypass |
| 9184 | Cisco Secure Access Control Server NDS Database Blank Password Authentication |
| 9182 | Cisco Secure Access Control Server CSAdmin Connection Saturation DoS |
| 8910 | Cisco VPN 3000 Concentrator PPTP No Encryption Option Remote DoS |
| 7198 | CiscoSecure ACS Server CSAdmin Module Large Packet Overflow |
| 5352 | CiscoSecure ACS Arbitrary File Access |
| 5340 | CiscoSecure ACS NDSAuth.DLL NDS Authentication Failure |
| 5049 | CiscoSecure ACS setup.exe action Parameter XSS |
| 2062 | CiscoSecure ACS For Windows Format String Overflow |
| 1570 | CiscoSecure ACS LDAP Null Password Authentication Bypass |
| 1569 | CiscoSecure ACS Oversized TACACS+ Packet DoS |
| 1568 | CiscoSecure ACS for Windows CSAdmin Login Overflow DoS |
