Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
3 vulnerabilities found for ciscosecure by cisco
VAR-199908-0018
Vulnerability from variot - Updated: 2025-04-03 22:26A default configuration of CiscoSecure Access Control Server (ACS) allows remote users to modify the server database without authentication. Attackers can exploit this issue to perform unauthorized actions. This may aid in further attacks
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-199908-0018",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "ciscosecure",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "*"
},
{
"model": "ciscosecure",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
}
],
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-199908-035"
},
{
"db": "NVD",
"id": "CVE-1999-0734"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Unknown",
"sources": [
{
"db": "BID",
"id": "87034"
}
],
"trust": 0.3
},
"cve": "CVE-1999-0734",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-1999-0734",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-715",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-1999-0734",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-199908-035",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-715",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-715"
},
{
"db": "CNNVD",
"id": "CNNVD-199908-035"
},
{
"db": "NVD",
"id": "CVE-1999-0734"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A default configuration of CiscoSecure Access Control Server (ACS) allows remote users to modify the server database without authentication. \nAttackers can exploit this issue to perform unauthorized actions. This may aid in further attacks",
"sources": [
{
"db": "NVD",
"id": "CVE-1999-0734"
},
{
"db": "BID",
"id": "87034"
},
{
"db": "VULHUB",
"id": "VHN-715"
}
],
"trust": 1.26
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-1999-0734",
"trust": 2.0
},
{
"db": "CNNVD",
"id": "CNNVD-199908-035",
"trust": 0.7
},
{
"db": "BID",
"id": "87034",
"trust": 0.4
},
{
"db": "VULHUB",
"id": "VHN-715",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-715"
},
{
"db": "BID",
"id": "87034"
},
{
"db": "CNNVD",
"id": "CNNVD-199908-035"
},
{
"db": "NVD",
"id": "CVE-1999-0734"
}
]
},
"id": "VAR-199908-0018",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-715"
}
],
"trust": 0.01
},
"last_update_date": "2025-04-03T22:26:29.970000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-1999-0734"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-19990819-dbaccess"
},
{
"trust": 1.7,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/3133"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-715"
},
{
"db": "BID",
"id": "87034"
},
{
"db": "CNNVD",
"id": "CNNVD-199908-035"
},
{
"db": "NVD",
"id": "CVE-1999-0734"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-715"
},
{
"db": "BID",
"id": "87034"
},
{
"db": "CNNVD",
"id": "CNNVD-199908-035"
},
{
"db": "NVD",
"id": "CVE-1999-0734"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "1999-08-19T00:00:00",
"db": "VULHUB",
"id": "VHN-715"
},
{
"date": "1999-08-19T00:00:00",
"db": "BID",
"id": "87034"
},
{
"date": "1999-08-19T00:00:00",
"db": "CNNVD",
"id": "CNNVD-199908-035"
},
{
"date": "1999-08-19T04:00:00",
"db": "NVD",
"id": "CVE-1999-0734"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-10-09T00:00:00",
"db": "VULHUB",
"id": "VHN-715"
},
{
"date": "1999-08-19T00:00:00",
"db": "BID",
"id": "87034"
},
{
"date": "2019-10-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-199908-035"
},
{
"date": "2025-04-03T01:03:51.193000",
"db": "NVD",
"id": "CVE-1999-0734"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-199908-035"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "CiscoSecure Access control server (ACS) The authorization issue vulnerability is configured by default.",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-199908-035"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-199908-035"
}
],
"trust": 0.6
}
}
CVE-1999-0734 (GCVE-0-1999-0734)
Vulnerability from cvelistv5 – Published: 2000-01-18 05:00 – Updated: 2024-08-01 16:48
VLAI?
Summary
A default configuration of CiscoSecure Access Control Server (ACS) allows remote users to modify the server database without authentication.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T16:48:37.980Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ciscosecure-read-write(3133)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/3133"
},
{
"name": "19990819 CiscoSecure Access Control Server for UNIX Remote Administration Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-19990819-dbaccess"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A default configuration of CiscoSecure Access Control Server (ACS) allows remote users to modify the server database without authentication."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2005-11-02T10:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ciscosecure-read-write(3133)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/3133"
},
{
"name": "19990819 CiscoSecure Access Control Server for UNIX Remote Administration Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-19990819-dbaccess"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-0734",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A default configuration of CiscoSecure Access Control Server (ACS) allows remote users to modify the server database without authentication."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ciscosecure-read-write(3133)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/3133"
},
{
"name": "19990819 CiscoSecure Access Control Server for UNIX Remote Administration Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-19990819-dbaccess"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-1999-0734",
"datePublished": "2000-01-18T05:00:00.000Z",
"dateReserved": "1999-11-25T00:00:00.000Z",
"dateUpdated": "2024-08-01T16:48:37.980Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-1999-0734 (GCVE-0-1999-0734)
Vulnerability from nvd – Published: 2000-01-18 05:00 – Updated: 2024-08-01 16:48
VLAI?
Summary
A default configuration of CiscoSecure Access Control Server (ACS) allows remote users to modify the server database without authentication.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T16:48:37.980Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ciscosecure-read-write(3133)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/3133"
},
{
"name": "19990819 CiscoSecure Access Control Server for UNIX Remote Administration Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-19990819-dbaccess"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A default configuration of CiscoSecure Access Control Server (ACS) allows remote users to modify the server database without authentication."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2005-11-02T10:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ciscosecure-read-write(3133)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/3133"
},
{
"name": "19990819 CiscoSecure Access Control Server for UNIX Remote Administration Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-19990819-dbaccess"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-0734",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A default configuration of CiscoSecure Access Control Server (ACS) allows remote users to modify the server database without authentication."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ciscosecure-read-write(3133)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/3133"
},
{
"name": "19990819 CiscoSecure Access Control Server for UNIX Remote Administration Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-19990819-dbaccess"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-1999-0734",
"datePublished": "2000-01-18T05:00:00.000Z",
"dateReserved": "1999-11-25T00:00:00.000Z",
"dateUpdated": "2024-08-01T16:48:37.980Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}