Known Vulnerabilities for Secure Access Control System by Cisco

Listed below are 10 of the newest known vulnerabilities associated with "Secure Access Control System" by "Cisco".

These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.

Data on known vulnerable versions is also displayed based on information from known CPEs

Known Vulnerabilities

CVE	Shortened Description	Severity	Publish Date	Last Modified
CVE-2018-0253 json	A vulnerability in the ACS Report component of Cisco Secure Access Control System (ACS) could allow an unauthenticated, remot...	9.8 - CRITICAL	2018-05-02	2019-10-09
CVE-2018-0147 json	A vulnerability in Java deserialization used by Cisco Secure Access Control System (ACS) prior to release 5.8 patch 9 could a...	9.8 - CRITICAL	2018-03-08	2020-09-04
CVE-2017-12354 json	A vulnerability in the web-based interface of Cisco Secure Access Control System (ACS) could allow an unauthenticated, remote...	5.3 - MEDIUM	2017-11-30	2019-10-09
CVE-2017-6769 json	A vulnerability in the web-based management interface of the Cisco Secure Access Control System (ACS) could allow an authenti...	5.4 - MEDIUM	2017-08-07	2017-08-10
CVE-2017-3841 json	A vulnerability in the web interface of the Cisco Secure Access Control System (ACS) could allow an unauthenticated, remote a...	7.5 - HIGH	2017-02-22	2017-07-25
CVE-2017-3840 json	A vulnerability in the web interface of the Cisco Secure Access Control System (ACS) could allow an unauthenticated, remote a...	6.1 - MEDIUM	2017-02-22	2017-07-25
CVE-2017-3839 json	An XML External Entity vulnerability in the web-based user interface of the Cisco Secure Access Control System (ACS) could al...	4.3 - MEDIUM	2017-02-22	2019-10-03
CVE-2017-3838 json	A vulnerability in Cisco Secure Access Control System (ACS) could allow an unauthenticated, remote attacker to conduct a DOM-...	6.1 - MEDIUM	2017-02-22	2017-07-25
CVE-2015-4219 json	Cisco Secure Access Control System before 5.4(0.46.2) and 5.5 before 5.5(0.46) and Cisco Identity Services Engine 1.0(4.573) ...	4 - MEDIUM	2015-06-24	2016-12-29
CVE-2015-0728 json	Cross-site scripting (XSS) vulnerability in Cisco Access Control Server (ACS) 5.5(0.1) allows remote attackers to inject arbi...	4.3 - MEDIUM	2015-05-15	2017-01-06

Results limited to 10 most recent vulnerabilities

Known Affected Configurations (CPE V2.3)

Type	Vendor	Product	Version
Application	Cisco	Secure Access Control System	5.8\(1.5\)
Application	Cisco	Secure Access Control System	5.8\(0.8\)
Application	Cisco	Secure Access Control System	5.7\(0.15\)
Application	Cisco	Secure Access Control System	5.5\(0.1\)
Application	Cisco	Secure Access Control System	5.5.0.46
Application	Cisco	Secure Access Control System	5.4.0.46.6
Application	Cisco	Secure Access Control System	5.4.0.46.5
Application	Cisco	Secure Access Control System	5.4.0.46.4
Application	Cisco	Secure Access Control System	5.4.0.46.3
Application	Cisco	Secure Access Control System	5.4.0.46.2
Application	Cisco	Secure Access Control System	5.4.0.46.1
Application	Cisco	Secure Access Control System	5.3.0.40.9
Application	Cisco	Secure Access Control System	5.3.0.40.8
Application	Cisco	Secure Access Control System	5.3.0.40.7
Application	Cisco	Secure Access Control System	5.3.0.40.6
Application	Cisco	Secure Access Control System	5.3.0.40.5
Application	Cisco	Secure Access Control System	5.3.0.40.4
Application	Cisco	Secure Access Control System	5.3.0.40.3
Application	Cisco	Secure Access Control System	5.3.0.40.2
Application	Cisco	Secure Access Control System	5.3.0.40.1

Results limited to 20 most recent known configurations