Vulnerability Description
The web-based management interface in Cisco Secure Access Control System (ACS) 5.1 before 5.1.0.44.6 and 5.2 before 5.2.0.26.3 allows remote attackers to change arbitrary user passwords via unspecified vectors, aka Bug ID CSCtl77440.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cisco | Secure Access Control System | 5.1 |
Related Weaknesses (CWE)
References
- http://secunia.com/advisories/43924Vendor Advisory
- http://securitytracker.com/id?1025271
- http://www.cisco.com/en/US/products/products_security_advisory09186a0080b74117.sVendor Advisory
- http://www.securityfocus.com/bid/47093
- http://www.vupen.com/english/advisories/2011/0821Vendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/66471
- http://secunia.com/advisories/43924Vendor Advisory
- http://securitytracker.com/id?1025271
- http://www.cisco.com/en/US/products/products_security_advisory09186a0080b74117.sVendor Advisory
- http://www.securityfocus.com/bid/47093
- http://www.vupen.com/english/advisories/2011/0821Vendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/66471
FAQ
What is CVE-2011-0951?
CVE-2011-0951 is a vulnerability with a CVSS score of 5.0 (MEDIUM). The web-based management interface in Cisco Secure Access Control System (ACS) 5.1 before 5.1.0.44.6 and 5.2 before 5.2.0.26.3 allows remote attackers to change arbitrary user passwords via unspecifie...
How severe is CVE-2011-0951?
CVE-2011-0951 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2011-0951?
Check the references section above for vendor advisories and patch information. Affected products include: Cisco Secure Access Control System.