Cisco Secure ACS Authentication Bypass Vulnerability

Cisco Secure ACS is prone to an authentication-bypass vulnerability. This issue is due to the application's failure to properly ensure that remote web-based users are properly authenticated.

This issue allows remote attackers to gain administrative access to the web-based administrative interface of the affected application.

Cisco Secure ACS for Windows versions in the 4.x series were identified as vulnerable to this issue; other versions and platforms may also be affected.

This issue is being tracked by Cisco Bug IDs CSCse26754 and CSCse26719.


 

Privacy Statement
Copyright 2010, SecurityFocus