Описание
Multiple buffer overflows in securecgi-bin/CSuserCGI.exe in User-Changeable Password (UCP) before 4.2 in Cisco Secure Access Control Server (ACS) for Windows and ACS Solution Engine allow remote attackers to execute arbitrary code via a long argument located immediately after the Logout argument, and possibly unspecified other vectors.
Ссылки
- PatchVendor Advisory
- Patch
- ExploitPatch
- PatchVendor Advisory
- Patch
- ExploitPatch
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:cisco:acs_for_windows:*:*:*:*:*:*:*:*
cpe:2.3:a:cisco:acs_solution_engine:*:*:*:*:*:*:*:*
cpe:2.3:a:cisco:user_changeable_password:4.1:*:*:*:*:*:*:*
EPSS
Процентиль: 99%
0.76775
Высокий
10 Critical
CVSS2
Дефекты
CWE-119
Связанные уязвимости
github
почти 4 года назад
Multiple buffer overflows in securecgi-bin/CSuserCGI.exe in User-Changeable Password (UCP) before 4.2 in Cisco Secure Access Control Server (ACS) for Windows and ACS Solution Engine allow remote attackers to execute arbitrary code via a long argument located immediately after the Logout argument, and possibly unspecified other vectors.
EPSS
Процентиль: 99%
0.76775
Высокий
10 Critical
CVSS2
Дефекты
CWE-119