Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The web-based management interface in Cisco Secure Access Control System (ACS) 5.1 before 5.1.0.44.6 and 5.2 before 5.2.0.26.3 allows remote attackers to change arbitrary user passwords via unspecified vectors, aka Bug ID CSCtl77440.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Cisco Secure Access Control System未授权密码更改安全策略绕过漏洞
Vulnerability Description
Cisco Secure ACS是中央RADIUS和TACACS+服务器,集成了用户身份验证、用户和管理员设备访问控制和策略控制为一个集中的统一网络解决方案。 Cisco Secure Access Control System(ACS)5.1.0.44.6之前的5.1版本及5.2.0.26.3之前的5.2版本的基于web的管理界面中存在信任管理漏洞。此漏洞可使远程未验证攻击者不用提供旧密码即可任意更改所有用户账号的密码,成功利用此漏洞要求在内部ID库中定义用户账号。 此漏洞不允许攻击者执行对ACS数据库
CVSS Information
N/A
Vulnerability Type
N/A