CVE-2004-1458

4 documents4 sources

Severity

5.0MEDIUM

EPSS

1.1%

top 21.74%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Cisco Secure Access Control Server

Timeline

PublishedDec 31

Latest updateApr 29

Description

The CSAdmin web administration interface for Cisco Secure Access Control Server (ACS) 3.2(2) build 15 allows remote attackers to cause a denial of service (hang) via a flood of TCP connections to port 2002.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

▶NVDcisco/secure_access_control_server8 versions+7

Patches

Patch: www.cisco.com ↗Patch: www.cisco.com ↗

🔴Vulnerability Details

GHSA

GHSA-3xhx-6w8v-5rjh: The CSAdmin web administration interface for Cisco Secure Access Control Server (ACS) 3↗2022-04-29

▶

CVEList

CVE-2004-1458: The CSAdmin web administration interface for Cisco Secure Access Control Server (ACS) 3↗2005-02-13

▶

📋Vendor Advisories

Cisco

Multiple Vulnerabilities in Cisco Secure Access Control Server↗2004-08-25

▶