CVE-2004-1458

The CSAdmin web administration interface for Cisco Secure Access Control Server (ACS) 3.2(2) build 15 allows remote attackers to cause a denial of service (hang) via a flood of TCP connections to port 2002.

Published: Dec 31, 2004
Updated: Apr 13, 2023
CVE: CVE-2004-1458
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 5
AV:N/AC:L/Au:N/C:N/I:N/A:P

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
cisco / secure_access_control_server	3.2	3.2.x
cisco / secure_acs_solution_engine	-	-
cisco / secure_access_control_server	3.3(1)	3.3(1).x
cisco / secure_access_control_server	3.0	3.0.x
cisco / secure_access_control_server	3.1	3.1.x
cisco / secure_access_control_server	3.3	3.3.x
cisco / secure_access_control_server	3.2(3)	3.2(3).x
cisco / secure_access_control_server	3.2(1)	3.2(1).x
cisco / secure_access_control_server	3.2(2)	3.2(2).x

http://osvdb.org/9182
http://secunia.com/advisories/12386/
http://www.ciac.org/ciac/bulletins/o-203.shtml
http://www.cisco.com/warp/public/707/cisco-sa-20040825-acs.shtml
http://www.securityfocus.com/bid/11047
https://exchange.xforce.ibmcloud.com/vulnerabilities/17114

Vulnerability Database

289,784

CVE-2004-1458