CVE-2011-3293
Cisco Secure Access Control Server - Cross-Site Request Forgery
Title source: llmDescription
Multiple cross-site request forgery (CSRF) vulnerabilities in the Solution Engine in Cisco Secure Access Control Server (ACS) 5.2 allow remote attackers to hijack the authentication of administrators for requests that insert cross-site scripting (XSS) sequences, aka Bug ID CSCtr78143.
References (3)
Core 3
Core References
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/49101
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/53436
Vendor Advisory x_refsource_confirm
http://www.cisco.com/web/software/282766937/37718/Acs-5-2-0-26-9-Readme.txt
Scores
EPSS
0.0113
EPSS Percentile
62.5%
Details
CWE
CWE-352
Status
published
Products (1)
cisco/secure_access_control_server
5.2
Published
May 02, 2012
Tracked Since
Feb 18, 2026