Skip to main content

Secure Access Control Server Solution Engine

5 CVEs product

Monthly

CVE-2018-0414 MEDIUM This Month

A vulnerability in the web-based UI of Cisco Secure Access Control Server could allow an authenticated, remote attacker to gain read access to certain information in an affected system. Rated medium severity (CVSS 5.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XXE Cisco Secure Access Control Server Solution Engine
NVD
CVSS 3.0
5.7
EPSS
1.8%
CVE-2018-0218 LOW Monitor

A vulnerability in the web-based user interface of the Cisco Secure Access Control Server prior to 5.8 patch 9 could allow an unauthenticated, remote attacker to gain read access to certain. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Cisco Secure Access Control Server Solution Engine
NVD
CVSS 3.1
3.3
EPSS
1.5%
CVE-2018-0207 LOW Monitor

A vulnerability in the web-based user interface of the Cisco Secure Access Control Server prior to 5.8 patch 9 could allow an unauthenticated, remote attacker to gain read access to certain. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Cisco Secure Access Control Server Solution Engine
NVD
CVSS 3.1
3.3
EPSS
1.5%
CVE-2015-0700 MEDIUM This Month

Cross-site request forgery (CSRF) vulnerability in the Dashboard page in the monitoring-and-report section in Cisco Secure Access Control Server Solution Engine before 5.5(0.46.5) allows remote. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

CSRF Cisco Secure Access Control Server Solution Engine
NVD
CVSS 2.0
6.8
EPSS
0.1%
CVE-2013-3380 MEDIUM This Month

The administrative web interface in the Access Control Server in Cisco Secure Access Control System (ACS) does not properly restrict the report view page, which allows remote authenticated users to. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Cisco Secure Access Control Server Solution Engine
NVD
CVSS 2.0
4.0
EPSS
0.1%
EPSS 2% CVSS 5.7
MEDIUM This Month

A vulnerability in the web-based UI of Cisco Secure Access Control Server could allow an authenticated, remote attacker to gain read access to certain information in an affected system. Rated medium severity (CVSS 5.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XXE Cisco Secure Access Control Server Solution Engine
NVD
EPSS 2% CVSS 3.3
LOW Monitor

A vulnerability in the web-based user interface of the Cisco Secure Access Control Server prior to 5.8 patch 9 could allow an unauthenticated, remote attacker to gain read access to certain. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Cisco Secure Access Control Server Solution Engine
NVD
EPSS 2% CVSS 3.3
LOW Monitor

A vulnerability in the web-based user interface of the Cisco Secure Access Control Server prior to 5.8 patch 9 could allow an unauthenticated, remote attacker to gain read access to certain. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Cisco Secure Access Control Server Solution Engine
NVD
EPSS 0% CVSS 6.8
MEDIUM This Month

Cross-site request forgery (CSRF) vulnerability in the Dashboard page in the monitoring-and-report section in Cisco Secure Access Control Server Solution Engine before 5.5(0.46.5) allows remote. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

CSRF Cisco Secure Access Control Server Solution Engine
NVD
EPSS 0% CVSS 4.0
MEDIUM This Month

The administrative web interface in the Access Control Server in Cisco Secure Access Control System (ACS) does not properly restrict the report view page, which allows remote authenticated users to. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Cisco Secure Access Control Server Solution Engine
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy