Vulnerabilities > Cisco > Secure Access Control Server > 5.3
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2012-11-07 | CVE-2012-5424 | Improper Input Validation vulnerability in Cisco Secure Access Control Server Cisco Secure Access Control System (ACS) 5.x before 5.2 Patch 11 and 5.3 before 5.3 Patch 7, when a certain configuration involving TACACS+ and LDAP is used, does not properly validate passwords, which allows remote attackers to bypass authentication by sending a valid username and a crafted password string, aka Bug ID CSCuc65634. | 5.0 |