7.5
CVE-2004-1461
- EPSS 0.52%
- Veröffentlicht 31.12.2004 05:00:00
- Zuletzt bearbeitet 16.04.2026 00:27:16
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
LoginCisco Secure Access Control Server (ACS) 3.2(3) and earlier spawns a separate unauthenticated TCP connection on a random port when a user authenticates to the ACS GUI, which allows remote attackers to bypass authentication by connecting to that port from the same IP address.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Cisco ≫ Secure Access Control Server Version3.0
Cisco ≫ Secure Access Control Server Version3.1
Cisco ≫ Secure Access Control Server Version3.2
Cisco ≫ Secure Access Control Server Version3.2 Editionwindows_server
Cisco ≫ Secure Access Control Server Version3.3
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.52% | 0.66 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 10 | 6.4 |
AV:N/AC:L/Au:N/C:P/I:P/A:P
|