Cisco Secure Access Control Server (ACS) 4.1 for Windows

CPE Details

Cisco Secure Access Control Server (ACS) 4.1 for Windows
cisco
secure_access_control_server
4.1
2010-12-28
16h32 +00:00
2010-12-28
16h32 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:cisco:secure_access_control_server:4.1:-:windows:*:*:*:*:*

Informations

Vendor

cisco

Product

secure_access_control_server

Version

4.1

Update

-

edition

windows

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2013-3466 2013-08-29 08h00 +00:00 The EAP-FAST authentication module in Cisco Secure Access Control Server (ACS) 4.x before 4.2.1.15.11, when a RADIUS server configuration is enabled, does not properly parse user identities, which allows remote attackers to execute arbitrary commands via crafted EAP-FAST packets, aka Bug ID CSCui57636.
9.3
CVE-2006-4097 2007-01-08 22h00 +00:00 Multiple unspecified vulnerabilities in the CSRadius service in Cisco Secure Access Control Server (ACS) for Windows before 4.1 and ACS Solution Engine before 4.1 allow remote attackers to cause a denial of service (crash) via a crafted RADIUS Access-Request packet. NOTE: it has been reported that at least one issue is a heap-based buffer overflow involving the Tunnel-Password attribute.
7.8
CVE-2005-4499 2005-12-22 10h00 +00:00 The Downloadable RADIUS ACLs feature in Cisco PIX and VPN 3000 concentrators, when creating an ACL on the Cisco Secure Access Control Server (CS ACS), generates a random internal name for an ACL that is also used as a hidden user name and password, which allows remote attackers to gain privileges by sniffing the username from the cleartext portion of a RADIUS session, then using the password to log in to another device that uses CS ACS.
7.5