Unrated severityNVD Advisory· Published Apr 22, 2002· Updated Jun 16, 2026
CVE-2002-0159
CVE-2002-0159
Description
Format string vulnerability in the administration function in Cisco Secure Access Control Server (ACS) for Windows, 2.6.x and earlier and 3.x through 3.01 (build 40), allows remote attackers to crash the CSADMIN module only (denial of service of administration function) or execute arbitrary code via format strings in the URL to port 2002.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
7cpe:2.3:a:cisco:secure_access_control_server:2.6:*:*:*:*:*:*:*+ 6 more
- cpe:2.3:a:cisco:secure_access_control_server:2.6:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:secure_access_control_server:2.6.2:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:secure_access_control_server:2.6.3:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:secure_access_control_server:2.6.4:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:secure_access_control_server:3.0:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:secure_access_control_server:3.0.1:*:*:*:*:*:*:*
- (no CPE)range: <=3.01 (build 40)
Patches
Vulnerability mechanics
References
5News mentions
0No linked articles in our index yet.