Vulnerabilities > CVE-2015-0746 - 7PK - Security Features vulnerability in Cisco Secure Access Control Server 5.5(0.46.2)

CVSS 5.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

PARTIAL

network

low complexity

cisco

CWE-254

NVD

Published: 2015-05-22

Updated: 2016-04-06

Summary

The REST API in Cisco Access Control Server (ACS) 5.5(0.46.2) allows remote attackers to cause a denial of service (API outage) by sending many requests, aka Bug ID CSCut62022.

Vulnerable Configurations

Part	Description	Count
Application	Cisco Cisco Secure Access Control Server 5.5\(0.46.2\)	1

Common Weakness Enumeration (CWE)

CWE-254 - 7PK - Security Features

References

http://tools.cisco.com/security/center/viewAlert.x?alertId=38946
http://www.securitytracker.com/id/1032387