The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Computer vulnerabilities of Cisco Access Control Server

computer vulnerability announce CVE-2018-0414

Cisco Secure Access Control Server: external XML entity injection

Synthesis of the vulnerability

An attacker can transmit malicious XML data to Cisco Secure Access Control Server, in order to read a file, scan sites, or trigger a denial of service.
Impacted products: Secure ACS.
Severity: 2/4.
Consequences: data reading, denial of service on service.
Provenance: document.
Creation date: 06/09/2018.
Identifiers: CERTFR-2018-AVI-423, cisco-sa-20180905-acsxxe, CSCvi85318, CVE-2018-0414, VIGILANCE-VUL-27157.

Description of the vulnerability

XML data can contain external entities (DTD):
  <!ENTITY name SYSTEM "file">
  <!ENTITY name SYSTEM "http://server/file">
A program which reads these XML data can replace these entities by data coming from the indicated file. When the program uses XML data coming from an untrusted source, this behavior leads to:
 - content disclosure from files of the server
 - private web site scan
 - a denial of service by opening a blocking file
This feature must be disabled to process XML data coming from an untrusted source.

However, the Cisco Secure Access Control Server parser allows external entities.

An attacker can therefore transmit malicious XML data to Cisco Secure Access Control Server, in order to read a file, scan sites, or trigger a denial of service.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability note CVE-2018-5391

Linux kernel: denial of service via FragmentSmack

Synthesis of the vulnerability

An attacker can generate a fatal error via FragmentSmack of the Linux kernel, in order to trigger a denial of service.
Impacted products: GAiA, SecurePlatform, CheckPoint Security Gateway, Cisco Aironet, IOS XE Cisco, Nexus by Cisco, Prime Collaboration Assurance, Prime Infrastructure, Cisco Router, Secure ACS, Cisco CUCM, Cisco UCS, Cisco Unified CCX, Cisco IP Phone, Cisco Wireless Controller, Debian, BIG-IP Hardware, TMOS, Junos Space, Linux, Windows 10, Windows 2008 R0, Windows 2008 R2, Windows 2012, Windows 2016, Windows 7, Windows 8, Windows RT, openSUSE Leap, Palo Alto Firewall PA***, PAN-OS, RHEL, RSA Authentication Manager, SUSE Linux Enterprise Desktop, SLES, Symantec Content Analysis, ProxySG by Symantec, Synology DSM, Ubuntu.
Severity: 2/4.
Consequences: denial of service on server, denial of service on service.
Provenance: internet client.
Creation date: 16/08/2018.
Identifiers: ADV180022, CERTFR-2018-AVI-390, CERTFR-2018-AVI-392, CERTFR-2018-AVI-419, CERTFR-2018-AVI-457, CERTFR-2018-AVI-478, CERTFR-2018-AVI-533, CERTFR-2019-AVI-233, CERTFR-2019-AVI-242, cisco-sa-20180824-linux-ip-fragment, CVE-2018-5391, DLA-1466-1, DLA-1529-1, DSA-2019-062, DSA-4272-1, FragmentSmack, JSA10917, K74374841, openSUSE-SU-2018:2404-1, openSUSE-SU-2018:2407-1, openSUSE-SU-2019:0274-1, PAN-SA-2018-0012, RHSA-2018:2785-01, RHSA-2018:2791-01, RHSA-2018:2846-01, RHSA-2018:2924-01, RHSA-2018:2925-01, RHSA-2018:2933-01, RHSA-2018:2948-01, RHSA-2018:3083-01, RHSA-2018:3096-01, RHSA-2018:3459-01, RHSA-2018:3540-01, RHSA-2018:3586-01, RHSA-2018:3590-01, sk134253, SUSE-SU-2018:2344-1, SUSE-SU-2018:2374-1, SUSE-SU-2018:2380-1, SUSE-SU-2018:2381-1, SUSE-SU-2018:2596-1, SUSE-SU-2019:0541-1, SUSE-SU-2019:1289-1, SYMSA1467, Synology-SA-18:44, USN-3740-1, USN-3740-2, USN-3741-1, USN-3741-2, USN-3741-3, USN-3742-1, USN-3742-2, USN-3742-3, VIGILANCE-VUL-27009, VU#641765.

Description of the vulnerability

An attacker can generate a fatal error via FragmentSmack of the Linux kernel, in order to trigger a denial of service.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability note CVE-2018-0147

Cisco Secure Access Control System: code execution via Java Deserialization

Synthesis of the vulnerability

An attacker can use a vulnerability via Java Deserialization of Cisco Secure Access Control System, in order to run code.
Impacted products: Secure ACS.
Severity: 4/4.
Consequences: administrator access/rights, privileged access/rights.
Provenance: internet client.
Creation date: 08/03/2018.
Identifiers: CERTFR-2018-AVI-116, cisco-sa-20180307-acs2, CSCvh25988, CVE-2018-0147, VIGILANCE-VUL-25489.

Description of the vulnerability

An attacker can use a vulnerability via Java Deserialization of Cisco Secure Access Control System, in order to run code.
Full Vigil@nce bulletin... (Free trial)

vulnerability bulletin CVE-2018-0218

Cisco Secure Access Control Server: external XML entity injection

Synthesis of the vulnerability

An attacker can transmit malicious XML data to Cisco Secure Access Control Server, in order to read a file, scan sites, or trigger a denial of service.
Impacted products: Secure ACS.
Severity: 2/4.
Consequences: data reading, denial of service on service.
Provenance: document.
Creation date: 08/03/2018.
Identifiers: cisco-sa-20180307-acs1, CSCve70616, CVE-2018-0218, VIGILANCE-VUL-25483.

Description of the vulnerability

XML data can contain external entities (DTD):
  <!ENTITY name SYSTEM "file">
  <!ENTITY name SYSTEM "http://server/file">
A program which reads these XML data can replace these entities by data coming from the indicated file. When the program uses XML data coming from an untrusted source, this behavior leads to:
 - content disclosure from files of the server
 - private web site scan
 - a denial of service by opening a blocking file
This feature must be disabled to process XML data coming from an untrusted source.

However, the Cisco Secure Access Control Server parser allows external entities.

An attacker can therefore transmit malicious XML data to Cisco Secure Access Control Server, in order to read a file, scan sites, or trigger a denial of service.
Full Vigil@nce bulletin... (Free trial)

vulnerability announce CVE-2018-0207

Cisco Secure Access Control Server: external XML entity injection

Synthesis of the vulnerability

An attacker can transmit malicious XML data to Cisco Secure Access Control Server, in order to read a file, scan sites, or trigger a denial of service.
Impacted products: Secure ACS.
Severity: 2/4.
Consequences: data reading, denial of service on service.
Provenance: document.
Creation date: 08/03/2018.
Identifiers: cisco-sa-20180307-acs, CSCve70595, CVE-2018-0207, VIGILANCE-VUL-25482.

Description of the vulnerability

XML data can contain external entities (DTD):
  <!ENTITY name SYSTEM "file">
  <!ENTITY name SYSTEM "http://server/file">
A program which reads these XML data can replace these entities by data coming from the indicated file. When the program uses XML data coming from an untrusted source, this behavior leads to:
 - content disclosure from files of the server
 - private web site scan
 - a denial of service by opening a blocking file
This feature must be disabled to process XML data coming from an untrusted source.

However, the Cisco Secure Access Control Server parser allows external entities.

An attacker can therefore transmit malicious XML data to Cisco Secure Access Control Server, in order to read a file, scan sites, or trigger a denial of service.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability CVE-2017-12354

Cisco Secure Access Control System: information disclosure

Synthesis of the vulnerability

An attacker can bypass access restrictions to data of Cisco Secure Access Control System, in order to obtain sensitive information.
Impacted products: Secure ACS.
Severity: 2/4.
Consequences: data reading.
Provenance: document.
Creation date: 30/11/2017.
Identifiers: cisco-sa-20171129-acs, CSCvf66155, CVE-2017-12354, VIGILANCE-VUL-24575.

Description of the vulnerability

An attacker can bypass access restrictions to data of Cisco Secure Access Control System, in order to obtain sensitive information.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability bulletin CVE-2017-6769

Cisco ACS: Cross Site Scripting

Synthesis of the vulnerability

An attacker can trigger a Cross Site Scripting of Cisco ACS, in order to run JavaScript code in the context of the web site.
Impacted products: Secure ACS.
Severity: 2/4.
Consequences: client access/rights.
Provenance: document.
Creation date: 27/07/2017.
Identifiers: cisco-sa-20170726-acs, CSCve70587, CVE-2017-6769, VIGILANCE-VUL-23378.

Description of the vulnerability

The Cisco ACS product offers a web service.

However, it does not filter received data before inserting them in generated HTML documents.

An attacker can therefore trigger a Cross Site Scripting of Cisco ACS, in order to run JavaScript code in the context of the web site.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability announce CVE-2017-3839

Cisco Secure Access Control System: external XML entity injection

Synthesis of the vulnerability

An authenticated attacker can transmit malicious XML data to Cisco Secure Access Control System, in order to read a file, scan sites, or trigger a denial of service.
Impacted products: Secure ACS.
Severity: 2/4.
Consequences: data reading, denial of service on service.
Provenance: document.
Creation date: 16/02/2017.
Revision date: 17/02/2017.
Identifiers: CERTFR-2017-AVI-052, cisco-sa-20170215-acs1, CVE-2017-3839, VIGILANCE-VUL-21867.

Description of the vulnerability

XML data can contain external entities (DTD):
  <!ENTITY name SYSTEM "file">
  <!ENTITY name SYSTEM "http://server/file">
A program which reads these XML data can replace these entities by data coming from the indicated file. When the program uses XML data coming from an untrusted source, this behavior leads to:
 - content disclosure from files of the server
 - private web site scan
 - a denial of service by opening a blocking file
This feature must be disabled to process XML data coming from an untrusted source.

However, the Cisco Secure Access Control System parser allows external entities.

An authenticated attacker can therefore transmit malicious XML data to Cisco Secure Access Control System, in order to read a file, scan sites, or trigger a denial of service.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability bulletin CVE-2017-3838

Cisco Secure Access Control System: Cross Site Scripting

Synthesis of the vulnerability

An attacker can trigger a Cross Site Scripting of Cisco Secure Access Control System, in order to run JavaScript code in the context of the web site.
Impacted products: Secure ACS.
Severity: 2/4.
Consequences: client access/rights.
Provenance: document.
Creation date: 16/02/2017.
Identifiers: CERTFR-2017-AVI-052, cisco-sa-20170215-acs, CVE-2017-3838, VIGILANCE-VUL-21868.

Description of the vulnerability

The Cisco Secure Access Control System product offers a web service.

However, it does not filter received data before inserting them in generated HTML documents.

An attacker can therefore trigger a Cross Site Scripting of Cisco Secure Access Control System, in order to run JavaScript code in the context of the web site.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability alert CVE-2017-3840

Cisco Secure Access Control System: open redirect

Synthesis of the vulnerability

An attacker can deceive the user of Cisco Secure Access Control System, in order to redirect him to a malicious site.
Impacted products: Secure ACS.
Severity: 1/4.
Consequences: user access/rights, data reading.
Provenance: internet client.
Creation date: 16/02/2017.
Identifiers: CERTFR-2017-AVI-052, cisco-sa-20170215-acs2, CVE-2017-3840, VIGILANCE-VUL-21866.

Description of the vulnerability

The Cisco Secure Access Control System product offers a web service.

However, the web service accepts to redirect the victim with no warning, to an external site indicated by the attacker.

An attacker can therefore deceive the user of Cisco Secure Access Control System, in order to redirect him to a malicious site.
Full Vigil@nce bulletin... (Free trial)
Our database contains other pages. You can request a free trial to read them.

Display information about Cisco Access Control Server: