{"api_version":"1","generated_at":"2026-04-23T10:17:56+00:00","cve":"CVE-2018-0147","urls":{"html":"https://cve.report/CVE-2018-0147","api":"https://cve.report/api/cve/CVE-2018-0147.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2018-0147","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2018-0147"},"summary":{"title":"CVE-2018-0147","description":"A vulnerability in Java deserialization used by Cisco Secure Access Control System (ACS) prior to release 5.8 patch 9 could allow an unauthenticated, remote attacker to execute arbitrary commands on an affected device. The vulnerability is due to insecure deserialization of user-supplied content by the affected software. An attacker could exploit this vulnerability by sending a crafted serialized Java object. An exploit could allow the attacker to execute arbitrary commands on the device with root privileges. Cisco Bug IDs: CSCvh25988.","state":"PUBLIC","assigner":"psirt@cisco.com","published_at":"2018-03-08 07:29:00","updated_at":"2020-09-04 17:57:00"},"problem_types":["CWE-502"],"metrics":[],"references":[{"url":"http://www.securitytracker.com/id/1040463","name":"1040463","refsource":"SECTRACK","tags":["Third Party Advisory","VDB Entry"],"title":"Cisco Secure Access Control System Java Deserialization Flaw Lets Remote Users Execute Arbitrary Commands on the Target System - SecurityTracker","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.securityfocus.com/bid/103328","name":"103328","refsource":"BID","tags":["Third Party Advisory","VDB Entry"],"title":"Cisco Secure Access Control System CVE-2018-0147 Deserialization Remote Code Execution Vulnerability","mime":"text/html","httpstatus":"200","archivestatus":"0"},{"url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180307-acs2","name":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180307-acs2","refsource":"CONFIRM","tags":["Vendor Advisory"],"title":"Cisco Secure Access Control System Java Deserialization Vulnerability","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2018-0147","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-0147","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2018","cve_id":"147","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"cisco","cpe5":"secure_access_control_system","cpe6":"5.2(0.3)","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2018","cve_id":"147","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"cisco","cpe5":"secure_access_control_system","cpe6":"5.2\\(0.3\\)","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2018","cve_id":"147","vulnerable":"1","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"cisco","cpe5":"secure_access_control_system","cpe6":"5.2\\(0.3\\)","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":{"cve_year":"2018","cve_id":"147","cve":"CVE-2018-0147","vendorProject":"Cisco","product":"Secure Access Control System (ACS)","vulnerabilityName":"Cisco Secure Access Control System Java Deserialization Vulnerability","dateAdded":"2022-03-25","shortDescription":"A vulnerability in Java deserialization used by Cisco Secure Access Control System (ACS) could allow an unauthenticated, remote attacker to execute arbitrary commands on an affected device. The vulnerability is due to insecure deserialization of user-supplied content by the affected software.","requiredAction":"Apply updates per vendor instructions.","dueDate":"2022-04-15","knownRansomwareCampaignUse":"Unknown","notes":"https://nvd.nist.gov/vuln/detail/CVE-2018-0147","cwes":"CWE-20","catalogVersion":"2026.04.22","updated_at":"2026-04-22 20:03:10"},"epss":{"cve_year":"2018","cve_id":"147","cve":"CVE-2018-0147","epss":"0.039520000","percentile":"0.883770000","score_date":"2026-04-22","updated_at":"2026-04-23 00:03:16"},"legacy_qids":[]},"source_records":{"cve_program":{"CVE_data_meta":{"ASSIGNER":"psirt@cisco.com","ID":"CVE-2018-0147","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"Cisco Secure Access Control System","version":{"version_data":[{"version_value":"Cisco Secure Access Control System"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"A vulnerability in Java deserialization used by Cisco Secure Access Control System (ACS) prior to release 5.8 patch 9 could allow an unauthenticated, remote attacker to execute arbitrary commands on an affected device. The vulnerability is due to insecure deserialization of user-supplied content by the affected software. An attacker could exploit this vulnerability by sending a crafted serialized Java object. An exploit could allow the attacker to execute arbitrary commands on the device with root privileges. Cisco Bug IDs: CSCvh25988."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"CWE-20"}]}]},"references":{"reference_data":[{"name":"1040463","refsource":"SECTRACK","url":"http://www.securitytracker.com/id/1040463"},{"name":"103328","refsource":"BID","url":"http://www.securityfocus.com/bid/103328"},{"name":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180307-acs2","refsource":"CONFIRM","url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180307-acs2"}]}},"nvd":{"publishedDate":"2018-03-08 07:29:00","lastModifiedDate":"2020-09-04 17:57:00","problem_types":["CWE-502"],"metrics":{"baseMetricV3":{"cvssV3":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":9.8,"baseSeverity":"CRITICAL"},"exploitabilityScore":3.9,"impactScore":5.9},"baseMetricV2":{"cvssV2":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:C/I:C/A:C","accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE","baseScore":10},"severity":"HIGH","exploitabilityScore":10,"impactScore":10,"acInsufInfo":true,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:cisco:secure_access_control_system:5.2\\(0.3\\):*:*:*:*:*:*:*","cpe_name":[]}]}]}},"legacy_mitre":{"record":{"CveYear":"2018","CveId":"147","Ordinal":"114960","Title":"CVE-2018-0147","CVE":"CVE-2018-0147","Year":"2018"},"notes":[{"CveYear":"2018","CveId":"147","Ordinal":"1","NoteData":"A vulnerability in Java deserialization used by Cisco Secure Access Control System (ACS) prior to release 5.8 patch 9 could allow an unauthenticated, remote attacker to execute arbitrary commands on an affected device. The vulnerability is due to insecure deserialization of user-supplied content by the affected software. An attacker could exploit this vulnerability by sending a crafted serialized Java object. An exploit could allow the attacker to execute arbitrary commands on the device with root privileges. Cisco Bug IDs: CSCvh25988.","Type":"Description","Title":null},{"CveYear":"2018","CveId":"147","Ordinal":"2","NoteData":"2018-03-08","Type":"Other","Title":"Published"},{"CveYear":"2018","CveId":"147","Ordinal":"3","NoteData":"2018-03-09","Type":"Other","Title":"Modified"}]}}}