Known Vulnerabilities for Secure Access Control Server by Cisco

Listed below are 10 of the newest known vulnerabilities associated with "Secure Access Control Server" by "Cisco".

These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.

Data on known vulnerable versions is also displayed based on information from known CPEs

More device details and information can be found at device.report here: Cisco Secure Access Control Server

Known Vulnerabilities

CVE	Shortened Description	Severity	Publish Date	Last Modified
CVE-2015-6349	Cross-site scripting (XSS) vulnerability in the web interface in the Solution Engine in Cisco Secure Access Control Server (A...	4.3 - MEDIUM	2015-10-30	2016-12-07
CVE-2015-6348	The report-generation web interface in the Solution Engine in Cisco Secure Access Control Server (ACS) 5.7(0.15) allows remot...	4 - MEDIUM	2015-10-30	2016-12-07
CVE-2015-6347	The Solution Engine in Cisco Secure Access Control Server (ACS) 5.7(0.15) allows remote authenticated users to bypass intende...	4 - MEDIUM	2015-10-30	2016-12-07
CVE-2015-6346	Cross-site scripting (XSS) vulnerability in Cisco Secure Access Control Server (ACS) 5.7(0.15) allows remote attackers to inj...	4.3 - MEDIUM	2015-10-30	2016-12-07
CVE-2015-6345	SQL injection vulnerability in the Solution Engine in Cisco Secure Access Control Server (ACS) 5.7(0.15) allows remote authen...	6.5 - MEDIUM	2015-10-30	2016-12-07
CVE-2015-6300	Cisco Secure Access Control Server (ACS) Solution Engine 5.7(0.15) allows remote authenticated users to cause a denial of ser...	4 - MEDIUM	2015-09-20	2016-12-29
CVE-2015-0746	The REST API in Cisco Access Control Server (ACS) 5.5(0.46.2) allows remote attackers to cause a denial of service (API outag...	5 - MEDIUM	2015-05-22	2016-04-06
CVE-2015-0729	Cross-site scripting (XSS) vulnerability in Cisco Secure Access Control Server Solution Engine (ACSE) 5.5(0.1) allows remote ...	4.3 - MEDIUM	2015-05-16	2017-01-06
CVE-2013-3466	The EAP-FAST authentication module in Cisco Secure Access Control Server (ACS) 4.x before 4.2.1.15.11, when a RADIUS server c...	9.3 - HIGH	2013-08-29	2016-11-07
CVE-2012-5424	Cisco Secure Access Control System (ACS) 5.x before 5.2 Patch 11 and 5.3 before 5.3 Patch 7, when a certain configuration inv...	5 - MEDIUM	2012-11-07	2017-08-29

Results limited to 10 most recent vulnerabilities

Known Affected Configurations (CPE V2.3)

Type	Vendor	Product	Version	Update	Edition	Language
Application	Cisco	Secure Access Control Server	5.5\(0.46.2\)	All	All	All
Application	Cisco	Secure Access Control Server	5.5\(0.1\)	All	All	All
Application	Cisco	Secure Access Control Server	5.3	All	All	All
Application	Cisco	Secure Access Control Server	5.2	All	All	All
Application	Cisco	Secure Access Control Server	5.1	All	All	All
Application	Cisco	Secure Access Control Server	5.0	All	All	All
Application	Cisco	Secure Access Control Server	4.2.1.15.9	All	All	All
Application	Cisco	Secure Access Control Server	4.2.1.15.8	All	All	All
Application	Cisco	Secure Access Control Server	4.2.1.15.7	All	All	All
Application	Cisco	Secure Access Control Server	4.2.1.15.6	All	All	All
Application	Cisco	Secure Access Control Server	4.2.1.15.4	All	All	All
Application	Cisco	Secure Access Control Server	4.2.1.15.3	All	All	All
Application	Cisco	Secure Access Control Server	4.2.1.15.2	All	All	All
Application	Cisco	Secure Access Control Server	4.2.1.15.11	All	All	All
Application	Cisco	Secure Access Control Server	4.2.1.15.10	All	All	All
Application	Cisco	Secure Access Control Server	4.2.1.15.1	All	All	All
Application	Cisco	Secure Access Control Server	4.2.1.15.0	All	All	All
Application	Cisco	Secure Access Control Server	4.2.1	-	windows	All
Application	Cisco	Secure Access Control Server	4.2	All	All	All
Application	Cisco	Secure Access Control Server	4.2	-	windows	All

Results limited to 20 most recent known configurations