CVE-2015-6349

all versions

Cross-site scripting (XSS) vulnerability in the web interface in the Solution Engine in Cisco Secure Access Control Server (ACS) 5

CVE-2015-6348

all versions

The report-generation web interface in the Solution Engine in Cisco Secure Access Control Server (ACS) 5.7(0.15) allows remote aut

CVE-2015-6347

all versions

The Solution Engine in Cisco Secure Access Control Server (ACS) 5.7(0.15) allows remote authenticated users to bypass intended RBA

CVE-2015-6346

all versions

Cross-site scripting (XSS) vulnerability in Cisco Secure Access Control Server (ACS) 5.7(0.15) allows remote attackers to inject a

CVE-2015-6345

all versions

SQL injection vulnerability in the Solution Engine in Cisco Secure Access Control Server (ACS) 5.7(0.15) allows remote authenticat

CVE-2015-6300

all versions

Cisco Secure Access Control Server (ACS) Solution Engine 5.7(0.15) allows remote authenticated users to cause a denial of service

CVE-2015-0746

all versions

The REST API in Cisco Access Control Server (ACS) 5.5(0.46.2) allows remote attackers to cause a denial of service (API outage) by

CVE-2015-0729

all versions

Cross-site scripting (XSS) vulnerability in Cisco Secure Access Control Server Solution Engine (ACSE) 5.5(0.1) allows remote attac

CVE-2013-3466

<= 4.2.1.15.10

The EAP-FAST authentication module in Cisco Secure Access Control Server (ACS) 4.x before 4.2.1.15.11, when a RADIUS server config

CVE-2012-5424

all versions

Cisco Secure Access Control System (ACS) 5.x before 5.2 Patch 11 and 5.3 before 5.3 Patch 7, when a certain configuration involvin

CVE-2011-3317

all versions

Multiple cross-site scripting (XSS) vulnerabilities in the Solution Engine in Cisco Secure Access Control Server (ACS) 5.2 allow r

CVE-2011-3293

all versions

Multiple cross-site request forgery (CSRF) vulnerabilities in the Solution Engine in Cisco Secure Access Control Server (ACS) 5.2

CVE-2008-2441

all versions

Cisco Secure ACS 3.x before 3.3(4) Build 12 patch 7, 4.0.x, 4.1.x before 4.1(4) Build 13 Patch 11, and 4.2.x before 4.2(0) Build 1

CVE-2007-0105

<= 4.0.1

Stack-based buffer overflow in the CSAdmin service in Cisco Secure Access Control Server (ACS) for Windows before 4.1 and ACS Solu

CVE-2006-4098

all versions

Stack-based buffer overflow in the CSRadius service in Cisco Secure Access Control Server (ACS) for Windows before 4.1 and ACS Sol

CVE-2006-4097

<= 4.0

Multiple unspecified vulnerabilities in the CSRadius service in Cisco Secure Access Control Server (ACS) for Windows before 4.1 an

CVE-2006-3226

all versions

Cisco Secure Access Control Server (ACS) 4.x for Windows uses the client's IP address and the server's port number to grant access

CVE-2006-3101

all versions

Cross-site scripting (XSS) vulnerability in LogonProxy.cgi in Cisco Secure ACS for UNIX 2.3 allows remote attackers to inject arbi

CVE-2006-0561

all versions

Cisco Secure Access Control Server (ACS) 3.x for Windows stores ACS administrator passwords and the master key in the registry wit

CVE-2005-4499

all versions

The Downloadable RADIUS ACLs feature in Cisco PIX and VPN 3000 concentrators, when creating an ACL on the Cisco Secure Access Cont

CVE-2005-0356

all versions

Multiple TCP implementations with Protection Against Wrapped Sequence Numbers (PAWS) with the timestamps option enabled allow remo

CVE-2004-1099

all versions

Cisco Secure Access Control Server for Windows (ACS Windows) and Cisco Secure Access Control Server Solution Engine (ACS Solution

CVE-2004-1461

all versions

Cisco Secure Access Control Server (ACS) 3.2(3) and earlier spawns a separate unauthenticated TCP connection on a random port when

CVE-2004-1460

all versions

Cisco Secure Access Control Server (ACS) 3.2(3) and earlier, when configured with an anonymous bind in Novell Directory Services (

CVE-2004-1458

all versions

The CSAdmin web administration interface for Cisco Secure Access Control Server (ACS) 3.2(2) build 15 allows remote attackers to c

CVE-2003-0210

all versions

Buffer overflow in the administration service (CSAdmin) for Cisco Secure ACS before 3.1.2 allows remote attackers to cause a denia

CVE-2002-1095

all versions

Cisco VPN 3000 Concentrator before 2.5.2(F), with encryption enabled, allows remote attackers to cause a denial of service (reload

CVE-2002-0938

all versions

Cross-site scripting vulnerability in CiscoSecure ACS 3.0 allows remote attackers to execute arbitrary script or HTML as other web

CVE-2002-0241

all versions

NDSAuth.DLL in Cisco Secure Authentication Control Server (ACS) 3.0.1 does not check the Expired or Disabled state of users in the

CVE-2002-0160

all versions

The administration function in Cisco Secure Access Control Server (ACS) for Windows, 2.6.x and earlier and 3.x through 3.01 (build

CVE-2002-0159

all versions

Format string vulnerability in the administration function in Cisco Secure Access Control Server (ACS) for Windows, 2.6.x and earl

CVE-2000-1056

all versions

CiscoSecure ACS Server 2.4(2) and earlier allows remote attackers to bypass LDAP authentication on the server if the LDAP server a

CVE-2000-1055

all versions

Buffer overflow in CiscoSecure ACS Server 2.4(2) and earlier allows remote attackers to cause a denial of service and possibly exe

CVE-2000-1054

all versions

Buffer overflow in CSAdmin module in CiscoSecure ACS Server 2.4(2) and earlier allows remote attackers to cause a denial of servic