CVE-2015-0580 — Vulnetix

CVE-2015-0580 PUBLISHED CVSS 6.5 MEDIUM

Multiple SQL injection vulnerabilities in the ACS View reporting interface pages in Cisco Secure Access Control System (ACS) before 5.5 patch 7 allow remote authenticated administrators to execute arbitrary SQL commands via crafted HTTPS requests, aka Bug ID CSCuq79027.

EPSS 0.10% · 28.1th percentile

Risk Scores

CVSS 2.0

6.5

EPSS Score

0.10%

28.1th percentile

Affected Products

Vendor	Product	Versions
n/a	n/a	*
cisco	secure_access_control_system	0

Exploit Intelligence

20150211 Cisco Secure Access Control System SQL Injection Vulnerability (circl)
cisco-acs-cve20150580-sql-injection(100812) (circl)
72576 (circl)
1031740 (circl)

Timeline

Feb 11, 2015 CVE Published
Feb 4, 2022 EPSS Score
Mar 29, 2022 EPSS Score
May 20, 2022 EPSS Score
Jul 12, 2022 EPSS Score
Sep 3, 2022 EPSS Score
Oct 26, 2022 EPSS Score
Dec 18, 2022 EPSS Score
Feb 8, 2023 EPSS Score
Mar 7, 2023 EPSS Score
Apr 2, 2023 EPSS Score
May 25, 2023 EPSS Score

References

20150211 Cisco Secure Access Control System SQL Injection Vulnerability vendor-advisory
cisco-acs-cve20150580-sql-injection(100812) vdb
72576 vdb
1031740 vdb
https://nvd.nist.gov/vuln/detail/CVE-2015-0580 advisory

Open in Interactive Console →