CVE-2013-5470

Published: Sep 4, 2013Modified: Apr 29, 2026

5.0

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:P

Exploitability: 10.0 / Impact: 2.9

Source: NVD

Description

Cisco Secure Access Control System (ACS) does not properly handle requests to read from the TACACS+ socket, which allows remote attackers to cause a denial of service (process crash) via malformed TCP packets, aka Bug ID CSCuh12488.

Affected (1)

Products: Cisco: Secure Access Control System

Cisco

1 product

Secure Access Control System

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Cisco Secure Access Control System	All versions

Related CWEs

CWE-20

Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

References (6)

http://osvdb.org/96822

Source: psirt@cisco.com

http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-5470

Source: psirt@cisco.com

Vendor Advisory

http://www.securityfocus.com/bid/62145

Source: psirt@cisco.com

Third Party AdvisoryVDB Entry

http://osvdb.org/96822

Source: af854a3a-2127-422b-91ae-364da2661108

http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-5470

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www.securityfocus.com/bid/62145

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

Timeline

No history available yet.