CVE-2011-0951

The web-based management interface in Cisco Secure Access Control System (ACS) 5.1 before 5.1.0.44.6 and 5.2 before 5.2.0.26.3 allows remote attackers to change arbitrary user passwords via unspecified vectors, aka Bug ID CSCtl77440.

Published: Apr 4, 2011
Updated: Apr 13, 2023
CVE: CVE-2011-0951
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 5
AV:N/AC:L/Au:N/C:N/I:P/A:N

CWEs:

CWE-255

Affected Software
References

Software	From	Fixed in
cisco / secure_access_control_system	5.2	5.2.x
cisco / secure_access_control_system	5.2.0.26	5.2.0.26.x
cisco / secure_access_control_system	5.1.0.44.2	5.1.0.44.2.x
cisco / secure_access_control_system	5.1.0.44	5.1.0.44.x
cisco / secure_access_control_system	5.1.0.44.5	5.1.0.44.5.x
cisco / secure_access_control_system	5.1.0.44.3	5.1.0.44.3.x
cisco / secure_access_control_system	5.1.0.44.1	5.1.0.44.1.x
cisco / secure_access_control_system	5.2.0.26.2	5.2.0.26.2.x
cisco / secure_access_control_system	5.1	5.1.x
cisco / secure_access_control_system	5.2.0.26.1	5.2.0.26.1.x
cisco / secure_access_control_system	5.1.0.44.4	5.1.0.44.4.x

Vulnerability Database

289,871

CVE-2011-0951