CVE Vulnerabilities

CVE-2002-0160

Published: Apr 22, 2002 | Modified: Oct 18, 2016
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
5 MEDIUM
AV:N/AC:L/Au:N/C:P/I:N/A:N
RedHat/V2
RedHat/V3
Ubuntu

The administration function in Cisco Secure Access Control Server (ACS) for Windows, 2.6.x and earlier and 3.x through 3.01 (build 40), allows remote attackers to read HTML, Java class, and image files outside the web root via a …. (modified ..) in the URL to port 2002.

Affected Software

Name Vendor Start Version End Version
Secure_access_control_server Cisco 2.6 2.6
Secure_access_control_server Cisco 2.6.2 2.6.2
Secure_access_control_server Cisco 2.6.3 2.6.3
Secure_access_control_server Cisco 2.6.4 2.6.4
Secure_access_control_server Cisco 3.0 3.0
Secure_access_control_server Cisco 3.0.1 3.0.1

References