The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Computer vulnerabilities of Cisco ACS

2 Cisco Secure Access Control System: external XML entity injection
An authenticated attacker can transmit malicious XML data to Cisco Secure Access Control System, in order to read a file, scan sites, or trigger a denial of service...
CERTFR-2017-AVI-052, cisco-sa-20170215-acs1, CVE-2017-3839, VIGILANCE-VUL-21867
2 Cisco Secure Access Control System: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of Cisco Secure Access Control System, in order to run JavaScript code in the context of the web site...
CERTFR-2017-AVI-052, cisco-sa-20170215-acs, CVE-2017-3838, VIGILANCE-VUL-21868
1 Cisco Secure Access Control System: open redirect
An attacker can deceive the user of Cisco Secure Access Control System, in order to redirect him to a malicious site...
CERTFR-2017-AVI-052, cisco-sa-20170215-acs2, CVE-2017-3840, VIGILANCE-VUL-21866
3 Cisco Secure Access Control System: password disclosure in the configuration interface
An attacker can access to parameter view pages of the Web interface of Cisco Secure Access Control System, in order to obtain sensitive information...
CERTFR-2017-AVI-052, cisco-sa-20170215-acs3, CVE-2017-3841, VIGILANCE-VUL-21864
2 OpenSSL 1.1: three vulnerabilities
An attacker can use several vulnerabilities of OpenSSL 1.1...
2004036, 2004940, 2011567, 492284, 492616, bulletinapr2017, CERTFR-2018-AVI-343, cisco-sa-20161114-openssl, cpuapr2019, cpujan2018, cpujul2017, CVE-2016-7053, CVE-2016-7054, CVE-2016-7055, ESA-2016-148, ESA-2016-149, FG-IR-17-019, JSA10775, NTAP-20170127-0001, NTAP-20170310-0002, NTAP-20180201-0001, openSUSE-SU-2017:0527-1, openSUSE-SU-2017:0941-1, openSUSE-SU-2018:0458-1, SA40423, VIGILANCE-VUL-21093
2 NTP.org: multiple vulnerabilities
An attacker can use several vulnerabilities of NTP.org...
2009389, bulletinoct2016, CERTFR-2017-AVI-090, cisco-sa-20161123-ntpd, CVE-2016-7426, CVE-2016-7427, CVE-2016-7428, CVE-2016-7429, CVE-2016-7431, CVE-2016-7433, CVE-2016-7434, CVE-2016-9310, CVE-2016-9311, CVE-2016-9312, FEDORA-2016-7209ab4e02, FEDORA-2016-c198d15316, FEDORA-2016-e8a8561ee7, FreeBSD-SA-16:39.ntp, HPESBHF03883, HPESBUX03706, HPESBUX03885, JSA10776, JSA10796, K51444934, K55405388, K87922456, MBGSA-1605, NTAP-20170127-0001, NTAP-20170310-0002, NTAP-20180201-0001, openSUSE-SU-2016:3280-1, pfSense-SA-17_03.webgui, RHSA-2017:0252-01, SA139, SSA:2016-326-01, TALOS-2016-0130, TALOS-2016-0131, TALOS-2016-0203, TALOS-2016-0204, USN-3349-1, VIGILANCE-VUL-21170, VU#633847
3 Apache Commons FileUpload: read-write access
An attacker can bypass access restrictions of Apache Commons FileUpload, in order to read or alter files...
2009844, 2011428, 2011689, 528262, 7018113, 7043863, 7048591, CERTFR-2018-AVI-531, cisco-sa-20181107-struts-commons-fileupload, cpuapr2019, cpujan2019, cpujul2019, cpuoct2019, CVE-2016-1000031, DSA-2018-210, openSUSE-SU-2019:1399-1, SUSE-SU-2019:1212-2, SUSE-SU-2019:1214-1, SUSE-SU-2019:14044-1, TRA-2016-12, VIGILANCE-VUL-20892, ZDI-16-570
2 OpenSSL 1.0.2i: NULL pointer dereference via CRL
An attacker can force a NULL pointer to be dereferenced via a CRL on an application linked to OpenSSL 1.0.2i, in order to trigger a denial of service...
1996096, 2000095, 2000209, 2003480, 2003620, 2003673, 2008828, CERTFR-2016-AVI-333, cisco-sa-20160927-openssl, cpuapr2017, cpujan2018, cpuoct2017, CVE-2016-7052, FEDORA-2016-97454404fe, FEDORA-2016-a555159613, FreeBSD-SA-16:27.openssl, HPESBHF03856, JSA10759, openSUSE-SU-2016:2496-1, openSUSE-SU-2018:0458-1, SA132, SB10171, SP-CAAAPUE, SPL-129207, SSA:2016-270-01, SUSE-SU-2016:2470-1, SUSE-SU-2016:2470-2, TNS-2016-16, VIGILANCE-VUL-20701
3 OpenSSL 1.1.0a: use after free via TLS
An attacker can force the usage of a freed memory area via TLS on an application linked to OpenSSL 1.1.0a, in order to trigger a denial of service, and possibly to run code...
1996096, 2000095, 2000209, 2003480, 2003620, 2003673, 2008828, CERTFR-2016-AVI-333, cisco-sa-20160927-openssl, cpuapr2017, cpujan2018, CVE-2016-6309, HPESBHF03856, JSA10759, SA132, TNS-2016-16, VIGILANCE-VUL-20700
3 OpenSSL: seven vulnerabilities
An attacker can use several vulnerabilities of OpenSSL...
1991866, 1991867, 1991870, 1991871, 1991875, 1991876, 1991878, 1991880, 1991882, 1991884, 1991885, 1991886, 1991887, 1991889, 1991892, 1991894, 1991896, 1991902, 1991903, 1991951, 1991955, 1991959, 1991960, 1991961, 1992681, 1993777, 1996096, 1999395, 1999421, 1999474, 1999478, 1999479, 1999488, 1999532, 2000095, 2000209, 2000544, 2002870, 2003480, 2003620, 2003673, 2008828, bulletinapr2017, bulletinjul2016, bulletinoct2016, CERTFR-2016-AVI-320, CERTFR-2016-AVI-333, cisco-sa-20160927-openssl, cpuapr2017, cpuapr2018, cpujan2017, cpujan2018, cpujul2017, cpujul2019, cpuoct2017, CVE-2016-6302, CVE-2016-6303, CVE-2016-6304, CVE-2016-6305, CVE-2016-6306, CVE-2016-6307, CVE-2016-6308, DLA-637-1, DSA-3673-1, DSA-3673-2, FEDORA-2016-97454404fe, FEDORA-2016-a555159613, FG-IR-16-047, FG-IR-16-048, FG-IR-17-127, FreeBSD-SA-16:26.openssl, HPESBHF03856, HT207423, JSA10759, openSUSE-SU-2016:2391-1, openSUSE-SU-2016:2407-1, openSUSE-SU-2016:2496-1, openSUSE-SU-2016:2537-1, openSUSE-SU-2018:0458-1, RHSA-2016:1940-01, RHSA-2016:2802-01, RHSA-2017:1548-01, RHSA-2017:1549-01, RHSA-2017:1550-01, RHSA-2017:1551-01, RHSA-2017:1552-01, RHSA-2017:1658-01, RHSA-2017:1659-01, RHSA-2017:2493-01, RHSA-2017:2494-01, SA132, SA40312, SB10171, SB10215, SOL54211024, SOL90492697, SP-CAAAPUE, SPL-129207, SSA:2016-266-01, STORM-2016-005, SUSE-SU-2016:2387-1, SUSE-SU-2016:2394-1, SUSE-SU-2016:2458-1, SUSE-SU-2016:2468-1, SUSE-SU-2016:2469-1, SUSE-SU-2016:2470-1, SUSE-SU-2016:2470-2, TNS-2016-16, USN-3087-1, USN-3087-2, VIGILANCE-VUL-20678
Our database contains other pages. You can request a free trial to read them.

Display information about Cisco ACS: