Known Vulnerabilities for Secure Access Control Server by Cisco

Listed below are 10 of the newest known vulnerabilities associated with "Secure Access Control Server" by "Cisco".

These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.

Data on known vulnerable versions is also displayed based on information from known CPEs

More device details and information can be found at device.report here: Cisco Secure Access Control Server

Known Vulnerabilities

CVE	Shortened Description	Severity	Publish Date	Last Modified
CVE-2015-6349 json	Cross-site scripting (XSS) vulnerability in the web interface in the Solution Engine in Cisco Secure Access Control Server (A...	4.3 - MEDIUM	2015-10-30	2016-12-07
CVE-2015-6348 json	The report-generation web interface in the Solution Engine in Cisco Secure Access Control Server (ACS) 5.7(0.15) allows remot...	4 - MEDIUM	2015-10-30	2016-12-07
CVE-2015-6347 json	The Solution Engine in Cisco Secure Access Control Server (ACS) 5.7(0.15) allows remote authenticated users to bypass intende...	4 - MEDIUM	2015-10-30	2016-12-07
CVE-2015-6346 json	Cross-site scripting (XSS) vulnerability in Cisco Secure Access Control Server (ACS) 5.7(0.15) allows remote attackers to inj...	4.3 - MEDIUM	2015-10-30	2016-12-07
CVE-2015-6345 json	SQL injection vulnerability in the Solution Engine in Cisco Secure Access Control Server (ACS) 5.7(0.15) allows remote authen...	6.5 - MEDIUM	2015-10-30	2016-12-07
CVE-2015-6300 json	Cisco Secure Access Control Server (ACS) Solution Engine 5.7(0.15) allows remote authenticated users to cause a denial of ser...	4 - MEDIUM	2015-09-20	2016-12-29
CVE-2015-0746 json	The REST API in Cisco Access Control Server (ACS) 5.5(0.46.2) allows remote attackers to cause a denial of service (API outag...	5 - MEDIUM	2015-05-22	2016-04-06
CVE-2015-0729 json	Cross-site scripting (XSS) vulnerability in Cisco Secure Access Control Server Solution Engine (ACSE) 5.5(0.1) allows remote ...	4.3 - MEDIUM	2015-05-16	2017-01-06
CVE-2013-3466 json	The EAP-FAST authentication module in Cisco Secure Access Control Server (ACS) 4.x before 4.2.1.15.11, when a RADIUS server c...	9.3 - HIGH	2013-08-29	2016-11-07
CVE-2012-5424 json	Cisco Secure Access Control System (ACS) 5.x before 5.2 Patch 11 and 5.3 before 5.3 Patch 7, when a certain configuration inv...	5 - MEDIUM	2012-11-07	2017-08-29

Results limited to 10 most recent vulnerabilities

Known Affected Configurations (CPE V2.3)

Type	Vendor	Product	Version
Application	Cisco	Secure Access Control Server	5.5\(0.46.2\)
Application	Cisco	Secure Access Control Server	5.5\(0.1\)
Application	Cisco	Secure Access Control Server	5.3
Application	Cisco	Secure Access Control Server	5.2
Application	Cisco	Secure Access Control Server	5.1
Application	Cisco	Secure Access Control Server	5.0
Application	Cisco	Secure Access Control Server	4.2.1.15.9
Application	Cisco	Secure Access Control Server	4.2.1.15.8
Application	Cisco	Secure Access Control Server	4.2.1.15.7
Application	Cisco	Secure Access Control Server	4.2.1.15.6
Application	Cisco	Secure Access Control Server	4.2.1.15.4
Application	Cisco	Secure Access Control Server	4.2.1.15.3
Application	Cisco	Secure Access Control Server	4.2.1.15.2
Application	Cisco	Secure Access Control Server	4.2.1.15.11
Application	Cisco	Secure Access Control Server	4.2.1.15.10
Application	Cisco	Secure Access Control Server	4.2.1.15.1
Application	Cisco	Secure Access Control Server	4.2.1.15.0
Application	Cisco	Secure Access Control Server	4.2.1
Application	Cisco	Secure Access Control Server	4.2
Application	Cisco	Secure Access Control Server	4.2

Results limited to 20 most recent known configurations