cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2008-2441,https://securityvulnerability.io/vulnerability/CVE-2008-2441,,"Cisco Secure ACS 3.x before 3.3(4) Build 12 patch 7, 4.0.x, 4.1.x before 4.1(4) Build 13 Patch 11, and 4.2.x before 4.2(0) Build 124 Patch 4 does not properly handle an EAP Response packet in which the value of the length field exceeds the actual packet length, which allows remote authenticated users to cause a denial of service (CSRadius and CSAuth service crash) or possibly execute arbitrary code via a crafted RADIUS (1) EAP-Response/Identity, (2) EAP-Response/MD5, or (3) EAP-Response/TLS Message Attribute packet.",Cisco,"Secure Access Control Server,Secure Acs",,,0.07254000008106232,false,,false,false,false,,,false,false,,2008-09-04T16:00:00.000Z,0
CVE-2007-1467,https://securityvulnerability.io/vulnerability/CVE-2007-1467,,"Multiple cross-site scripting (XSS) vulnerabilities in (1) PreSearch.html and (2) PreSearch.class in Cisco Secure Access Control Server (ACS), VPN Client, Unified Personal Communicator, MeetingPlace, Unified MeetingPlace, Unified MeetingPlace Express, CallManager, IP Communicator, Unified Video Advantage, Unified Videoconferencing 35xx products, Unified Videoconferencing Manager, WAN Manager, Security Device Manager, Network Analysis Module (NAM), CiscoWorks and related products, Wireless LAN Solution Engine (WLSE), 2006 Wireless LAN Controllers (WLC), and Wireless Control System (WCS) allow remote attackers to inject arbitrary web script or HTML via the text field of the search form.",Cisco,"Unified Video Advantage,Unified Videoconferencing Manager,Vpn Client,Unified Personal Communicator,Wireless Lan Solution Engine,Ip Communicator,Unified Meetingplace,Ciscoworks,Wan Manager,Wireless Control System,Network Analysis Module,Security Device Manager,Acs Solution Engine,Unified Videoconferencing,Wireless Lan Controllers,Meetingplace,Call Manager,Unified Meetingplace Express",,,0.004230000078678131,false,,false,false,false,,,false,false,,2007-03-16T21:00:00.000Z,0
CVE-2004-1099,https://securityvulnerability.io/vulnerability/CVE-2004-1099,,"Cisco Secure Access Control Server for Windows (ACS Windows) and Cisco Secure Access Control Server Solution Engine (ACS Solution Engine) 3.3.1, when the EAP-TLS protocol is enabled, does not properly handle expired or untrusted certificates, which allows remote attackers to bypass authentication and gain unauthorized access via a ""cryptographically correct"" certificate with valid fields such as the username.",Cisco,"Secure Acs Solution Engine,Secure Access Control Server",,,0.015080000273883343,false,,false,false,false,,,false,false,,2005-01-10T05:00:00.000Z,0
CVE-2004-1460,https://securityvulnerability.io/vulnerability/CVE-2004-1460,,"Cisco Secure Access Control Server (ACS) 3.2(3) and earlier, when configured with an anonymous bind in Novell Directory Services (NDS) and authenticating NDS users with NDS, allows remote attackers to gain unauthorized access to AAA clients via a blank password.",Cisco,"Secure Access Control Server,Secure Acs Solution Engine",,,0.005270000081509352,false,,false,false,false,,,false,false,,2004-12-31T05:00:00.000Z,0
CVE-2004-1461,https://securityvulnerability.io/vulnerability/CVE-2004-1461,,"Cisco Secure Access Control Server (ACS) 3.2(3) and earlier spawns a separate unauthenticated TCP connection on a random port when a user authenticates to the ACS GUI, which allows remote attackers to bypass authentication by connecting to that port from the same IP address.",Cisco,"Secure Access Control Server,Secure Acs Solution Engine",,,0.0035600000992417336,false,,false,false,false,,,false,false,,2004-12-31T05:00:00.000Z,0
CVE-2004-1458,https://securityvulnerability.io/vulnerability/CVE-2004-1458,,The CSAdmin web administration interface for Cisco Secure Access Control Server (ACS) 3.2(2) build 15 allows remote attackers to cause a denial of service (hang) via a flood of TCP connections to port 2002.,Cisco,"Secure Access Control Server,Secure Acs Solution Engine",,,0.009990000165998936,false,,false,false,false,,,false,false,,2004-12-31T05:00:00.000Z,0