Known Vulnerabilities for Secure Access Control System by Cisco

Listed below are 10 of the newest known vulnerabilities associated with "Secure Access Control System" by "Cisco".

These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.

Data on known vulnerable versions is also displayed based on information from known CPEs

Known Vulnerabilities

CVE	Shortened Description	Severity	Publish Date	Last Modified
CVE-2018-0253	A vulnerability in the ACS Report component of Cisco Secure Access Control System (ACS) could allow an unauthenticated, remot...	9.8 - CRITICAL	2018-05-02	2019-10-09
CVE-2018-0147	A vulnerability in Java deserialization used by Cisco Secure Access Control System (ACS) prior to release 5.8 patch 9 could a...	9.8 - CRITICAL	2018-03-08	2020-09-04
CVE-2017-12354	A vulnerability in the web-based interface of Cisco Secure Access Control System (ACS) could allow an unauthenticated, remote...	5.3 - MEDIUM	2017-11-30	2019-10-09
CVE-2017-6769	A vulnerability in the web-based management interface of the Cisco Secure Access Control System (ACS) could allow an authenti...	5.4 - MEDIUM	2017-08-07	2017-08-10
CVE-2017-3841	A vulnerability in the web interface of the Cisco Secure Access Control System (ACS) could allow an unauthenticated, remote a...	7.5 - HIGH	2017-02-22	2017-07-25
CVE-2017-3840	A vulnerability in the web interface of the Cisco Secure Access Control System (ACS) could allow an unauthenticated, remote a...	6.1 - MEDIUM	2017-02-22	2017-07-25
CVE-2017-3839	An XML External Entity vulnerability in the web-based user interface of the Cisco Secure Access Control System (ACS) could al...	4.3 - MEDIUM	2017-02-22	2019-10-03
CVE-2017-3838	A vulnerability in Cisco Secure Access Control System (ACS) could allow an unauthenticated, remote attacker to conduct a DOM-...	6.1 - MEDIUM	2017-02-22	2017-07-25
CVE-2015-0728	Cross-site scripting (XSS) vulnerability in Cisco Access Control Server (ACS) 5.5(0.1) allows remote attackers to inject arbi...	4.3 - MEDIUM	2015-05-15	2017-01-06
CVE-2015-0580	Multiple SQL injection vulnerabilities in the ACS View reporting interface pages in Cisco Secure Access Control System (ACS) ...	6.5 - MEDIUM	2015-02-12	2017-09-08

Results limited to 10 most recent vulnerabilities

Known Affected Configurations (CPE V2.3)

Type	Vendor	Product	Version	Update	Edition	Language
Application	Cisco	Secure Access Control System	5.8\(1.5\)	All	All	All
Application	Cisco	Secure Access Control System	5.8\(0.8\)	All	All	All
Application	Cisco	Secure Access Control System	5.7\(0.15\)	All	All	All
Application	Cisco	Secure Access Control System	5.5\(0.1\)	All	All	All
Application	Cisco	Secure Access Control System	5.5.0.46	All	All	All
Application	Cisco	Secure Access Control System	5.4.0.46.6	All	All	All
Application	Cisco	Secure Access Control System	5.4.0.46.5	All	All	All
Application	Cisco	Secure Access Control System	5.4.0.46.4	All	All	All
Application	Cisco	Secure Access Control System	5.4.0.46.3	All	All	All
Application	Cisco	Secure Access Control System	5.4.0.46.2	All	All	All
Application	Cisco	Secure Access Control System	5.4.0.46.1	All	All	All
Application	Cisco	Secure Access Control System	5.3.0.40.9	All	All	All
Application	Cisco	Secure Access Control System	5.3.0.40.8	All	All	All
Application	Cisco	Secure Access Control System	5.3.0.40.7	All	All	All
Application	Cisco	Secure Access Control System	5.3.0.40.6	All	All	All
Application	Cisco	Secure Access Control System	5.3.0.40.5	All	All	All
Application	Cisco	Secure Access Control System	5.3.0.40.4	All	All	All
Application	Cisco	Secure Access Control System	5.3.0.40.3	All	All	All
Application	Cisco	Secure Access Control System	5.3.0.40.2	All	All	All
Application	Cisco	Secure Access Control System	5.3.0.40.1	All	All	All

Results limited to 20 most recent known configurations