CVE-2018-0147
Cisco / Secure Access Control System (ACS)
Added 2022-03-25
Due 2022-04-15
Cisco Secure Access Control System Java Deserialization Vulnerability
A vulnerability in Java deserialization used by Cisco Secure Access Control System (ACS) could allow an unauthenticated, remote attacker to execute arbitrary commands on an affected device. The vulnerability is due to insecure deserialization of user-supplied content by the affected software.
Required action
Apply updates per vendor instructions.
Notes: https://nvd.nist.gov/vuln/detail/CVE-2018-0147
Metadata
| Added to KEV | 2022-03-25 |
| Remediation due | 2022-04-15 |
| Ransomware use | Unknown |
| CWEs | CWE-20 |
| Ingested | 2026-04-24 15:03:13 |
Cross-mesh regulatory overlay
If you're breached via this CVE, what disclosure laws and cyber regs fire? Asks LexiWorld and RegulatoryRadar via signed mesh.