← Back

Secure Acs Solution Engine

secure_acs_solution_engine

Vendor: Cisco • 4 CVEs

CVEs (4)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2004-1099
1Cisco
2Secure Access Control Server
Secure Acs Solution Engine
Apr 16, 2026
Jan 10, 2005
N/A· v4
N/A· v3
10.0 HIGH· v2
Cisco Secure Access Control Server for Windows (ACS Windows) and Cisco Secure Access Control Server Solution Engine (ACS Solution Engine) 3.3.1, when the EAP-TLS protocol is enabled, does not properly handle expired or u...Show more
Cisco Secure Access Control Server for Windows (ACS Windows) and Cisco Secure Access Control Server Solution Engine (ACS Solution Engine) 3.3.1, when the EAP-TLS protocol is enabled, does not properly handle expired or untrusted certificates, which allows remote attackers to bypass authentication and gain unauthorized access via a "cryptographically correct" certificate with valid fields such as the username.Show less
CVE-2004-1461
1Cisco
2Secure Access Control Server
Secure Acs Solution Engine
Apr 16, 2026
Dec 31, 2004
N/A· v4
N/A· v3
7.5 HIGH· v2
Cisco Secure Access Control Server (ACS) 3.2(3) and earlier spawns a separate unauthenticated TCP connection on a random port when a user authenticates to the ACS GUI, which allows remote attackers to bypass authenticati...Show more
Cisco Secure Access Control Server (ACS) 3.2(3) and earlier spawns a separate unauthenticated TCP connection on a random port when a user authenticates to the ACS GUI, which allows remote attackers to bypass authentication by connecting to that port from the same IP address.Show less
CVE-2004-1460
1Cisco
2Secure Access Control Server
Secure Acs Solution Engine
Apr 16, 2026
Dec 31, 2004
N/A· v4
N/A· v3
7.5 HIGH· v2
Cisco Secure Access Control Server (ACS) 3.2(3) and earlier, when configured with an anonymous bind in Novell Directory Services (NDS) and authenticating NDS users with NDS, allows remote attackers to gain unauthorized a...Show more
Cisco Secure Access Control Server (ACS) 3.2(3) and earlier, when configured with an anonymous bind in Novell Directory Services (NDS) and authenticating NDS users with NDS, allows remote attackers to gain unauthorized access to AAA clients via a blank password.Show less
CVE-2004-1458
1Cisco
2Secure Access Control Server
Secure Acs Solution Engine
Apr 16, 2026
Dec 31, 2004
N/A· v4
N/A· v3
5.0 MEDIUM· v2
The CSAdmin web administration interface for Cisco Secure Access Control Server (ACS) 3.2(2) build 15 allows remote attackers to cause a denial of service (hang) via a flood of TCP connections to port 2002.