Описание
Multiple unspecified vulnerabilities in the CSRadius service in Cisco Secure Access Control Server (ACS) for Windows before 4.1 and ACS Solution Engine before 4.1 allow remote attackers to cause a denial of service (crash) via a crafted RADIUS Access-Request packet. NOTE: it has been reported that at least one issue is a heap-based buffer overflow involving the Tunnel-Password attribute.
Ссылки
- Vendor Advisory
- PatchVendor Advisory
- US Government Resource
- Vendor Advisory
- Vendor Advisory
- PatchVendor Advisory
- US Government Resource
- Vendor Advisory
Уязвимые конфигурации
Одно из
EPSS
7.8 High
CVSS2
Дефекты
Связанные уязвимости
Multiple unspecified vulnerabilities in the CSRadius service in Cisco Secure Access Control Server (ACS) for Windows before 4.1 and ACS Solution Engine before 4.1 allow remote attackers to cause a denial of service (crash) via a crafted RADIUS Access-Request packet. NOTE: it has been reported that at least one issue is a heap-based buffer overflow involving the Tunnel-Password attribute.
EPSS
7.8 High
CVSS2