Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-0951

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2011-0951
Last Modified 05 Apr 2011 12:00:00
Published 04 Apr 2011 08:27:36
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2011-0951

Summary

The web-based management interface in Cisco Secure Access Control System (ACS) 5.1 before 5.1.0.44.6 and 5.2 before 5.2.0.26.3 allows remote attackers to change arbitrary user passwords via unspecified vectors, aka Bug ID CSCtl77440.

Vulnerable Systems

Application

  • Cisco Secure Access Control System 5.1

  • Cisco Secure Access Control System 5.1.0.44

  • Cisco Secure Access Control System 5.1.0.44.1

  • Cisco Secure Access Control System 5.1.0.44.2

  • Cisco Secure Access Control System 5.1.0.44.3

  • Cisco Secure Access Control System 5.1.0.44.4

  • Cisco Secure Access Control System 5.1.0.44.5

  • Cisco Secure Access Control System 5.2

  • Cisco Secure Access Control System 5.2.0.26

  • Cisco Secure Access Control System 5.2.0.26.1

  • Cisco Secure Access Control System 5.2.0.26.2


References

XF - cisco-acs-interface-security-bypass(66471)

VUPEN - ADV-2011-0821

BID - 47093

CISCO - 20110330 Cisco Secure Access Control System Unauthorized Password Change Vulnerability

SECTRACK - 1025271

SECUNIA - 43924


Last Updated: 27 May 2016 10:56:06