CVSS: 5.0EPSS: 1%CPEs: 10EXPL: 0CVE-2004-1458
https://notcve.org/view.php?id=CVE-2004-1458
The CSAdmin web administration interface for Cisco Secure Access Control Server (ACS) 3.2(2) build 15 allows remote attackers to cause a denial of service (hang) via a flood of TCP connections to port 2002. • http://osvdb.org/9182 http://secunia.com/advisories/12386 http://www.ciac.org/ciac/bulletins/o-203.shtml http://www.cisco.com/warp/public/707/cisco-sa-20040825-acs.shtml http://www.securityfocus.com/bid/11047 https://exchange.xforce.ibmcloud.com/vulnerabilities/17114 •
CVSS: 7.5EPSS: 0%CPEs: 10EXPL: 0CVE-2004-1461
https://notcve.org/view.php?id=CVE-2004-1461
Cisco Secure Access Control Server (ACS) 3.2(3) and earlier spawns a separate unauthenticated TCP connection on a random port when a user authenticates to the ACS GUI, which allows remote attackers to bypass authentication by connecting to that port from the same IP address. • http://www.cisco.com/warp/public/707/cisco-sa-20040825-acs.shtml http://www.securityfocus.com/bid/11047 https://exchange.xforce.ibmcloud.com/vulnerabilities/17118 •
CVSS: 7.5EPSS: 0%CPEs: 10EXPL: 0CVE-2004-1460
https://notcve.org/view.php?id=CVE-2004-1460
Cisco Secure Access Control Server (ACS) 3.2(3) and earlier, when configured with an anonymous bind in Novell Directory Services (NDS) and authenticating NDS users with NDS, allows remote attackers to gain unauthorized access to AAA clients via a blank password. • http://www.cisco.com/warp/public/707/cisco-sa-20040825-acs.shtml http://www.securityfocus.com/bid/11047 https://exchange.xforce.ibmcloud.com/vulnerabilities/17117 •
CVSS: 7.5EPSS: 2%CPEs: 12EXPL: 0CVE-2003-0210
https://notcve.org/view.php?id=CVE-2003-0210
Buffer overflow in the administration service (CSAdmin) for Cisco Secure ACS before 3.1.2 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long user parameter to port 2002. Desbordamiento de búfer en el servicio de administración (CSAdmin) de Cisco Secure ACS anteriores a 3.1.2 permite a atacantes remotos causar una denegación de servicio y posiblemente ejecutar código arbitrario mediante un parámetro de usuario largo al puerto 2002. • http://marc.info/?l=bugtraq&m=105120066126196&w=2 http://marc.info/?l=ntbugtraq&m=105118056332344&w=2 http://www.cisco.com/warp/public/707/cisco-sa-20030423-ACS.shtml http://www.kb.cert.org/vuls/id/697049 •
CVSS: 7.5EPSS: 1%CPEs: 2EXPL: 2CVE-2002-0938 – Cisco Secure ACS for Windows NT 3.0 - Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2002-0938
Cross-site scripting vulnerability in CiscoSecure ACS 3.0 allows remote attackers to execute arbitrary script or HTML as other web users via the action argument in a link to setup.exe. • https://www.exploit-db.com/exploits/21555 http://archives.neohapsis.com/archives/bugtraq/2002-06/0156.html http://online.securityfocus.com/archive/1/278222 http://www.iss.net/security_center/static/9353.php http://www.securityfocus.com/bid/5026 •