Vulnerabilities > Cisco > Secure Access Control System > 5.1
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2014-01-16 | CVE-2014-0650 | Improper Input Validation vulnerability in Cisco Secure Access Control System The web interface in Cisco Secure Access Control System (ACS) 5.x before 5.4 Patch 3 allows remote attackers to execute arbitrary operating-system commands via a request to this interface, aka Bug ID CSCue65962. | 10.0 |
| 2014-01-16 | CVE-2014-0649 | Permissions, Privileges, and Access Controls vulnerability in Cisco Secure Access Control System The RMI interface in Cisco Secure Access Control System (ACS) 5.x before 5.5 does not properly enforce authorization requirements, which allows remote authenticated users to obtain superadmin access via a request to this interface, aka Bug ID CSCud75180. | 9.0 |
| 2014-01-16 | CVE-2014-0648 | Permissions, Privileges, and Access Controls vulnerability in Cisco Secure Access Control System The RMI interface in Cisco Secure Access Control System (ACS) 5.x before 5.5 does not properly enforce authentication and authorization requirements, which allows remote attackers to obtain administrative access via a request to this interface, aka Bug ID CSCud75187. | 10.0 |
| 2011-04-04 | CVE-2011-0951 | Credentials Management vulnerability in Cisco Secure Access Control System The web-based management interface in Cisco Secure Access Control System (ACS) 5.1 before 5.1.0.44.6 and 5.2 before 5.2.0.26.3 allows remote attackers to change arbitrary user passwords via unspecified vectors, aka Bug ID CSCtl77440. | 5.0 |