Cisco secure access control system
This hub aggregates every CVE we track for Cisco secure access control system, a product in the networking infrastructure space. Use it to gauge the current risk picture and drill into individual advisories.
13
CVEs tracked
3
Critical
0
High
1
In CISA KEV
Severity distribution
MEDIUM8CRITICAL3LOW2
Monthly trend
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
2024-072026-06
Latest CVEs
The 13 most recently published vulnerabilities affecting Cisco secure access control system.
- CVE-2018-0253A vulnerability in the ACS Report component of Cisco Secure Access Control System (ACS) could allow an unauthenticated, remote attacker to execute arbitrary commands on an affected system. Commands...9.8
- CVE-2018-0207A vulnerability in the web-based user interface of the Cisco Secure Access Control Server prior to 5.8 patch 9 could allow an unauthenticated, remote attacker to gain read access to certain informa...3.3
- CVE-2018-0147A vulnerability in Java deserialization used by Cisco Secure Access Control System (ACS) prior to release 5.8 patch 9 could allow an unauthenticated, remote attacker to execute arbitrary commands o...KEV9.8
- CVE-2018-0218A vulnerability in the web-based user interface of the Cisco Secure Access Control Server prior to 5.8 patch 9 could allow an unauthenticated, remote attacker to gain read access to certain informa...3.3
- CVE-2017-6769A vulnerability in the web-based management interface of the Cisco Secure Access Control System (ACS) could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) at...5.4
- CVE-2016-1000031Apache Commons FileUpload before 1.3.3 DiskFileItem File Manipulation Remote Code Execution9.8
- CVE-2015-6349Cross-site scripting (XSS) vulnerability in the web interface in the Solution Engine in Cisco Secure Access Control Server (ACS) 5.7(0.15) allows remote attackers to inject arbitrary web script or ...4.3
- CVE-2015-6348The report-generation web interface in the Solution Engine in Cisco Secure Access Control Server (ACS) 5.7(0.15) allows remote authenticated users to bypass intended RBAC restrictions, and read rep...4.0
- CVE-2015-6347The Solution Engine in Cisco Secure Access Control Server (ACS) 5.7(0.15) allows remote authenticated users to bypass intended RBAC restrictions, and create a dashboard or portlet, by visiting an u...4.0
- CVE-2015-6346Cross-site scripting (XSS) vulnerability in Cisco Secure Access Control Server (ACS) 5.7(0.15) allows remote attackers to inject arbitrary web script or HTML via a crafted URL.4.3
- CVE-2015-6345SQL injection vulnerability in the Solution Engine in Cisco Secure Access Control Server (ACS) 5.7(0.15) allows remote authenticated users to execute arbitrary SQL commands via a crafted URL, aka B...6.5
- CVE-2015-4219Cisco Secure Access Control System before 5.4(0.46.2) and 5.5 before 5.5(0.46) and Cisco Identity Services Engine 1.0(4.573) do not properly implement access control for support bundles, which allo...4.0
- CVE-2015-0746The REST API in Cisco Access Control Server (ACS) 5.5(0.46.2) allows remote attackers to cause a denial of service (API outage) by sending many requests, aka Bug ID CSCut62022.5.0
Product normalization is registry-driven with AI assist and human review. How it works