Cisco Secure ACS Authentication Bypass Vulnerability
Cisco Secure ACS is prone to an authentication-bypass vulnerability. This issue is due to the application's failure to properly ensure that remote web-based users are properly authenticated.
This issue allows remote attackers to gain administrative access to the web-based administrative interface of the affected application.
Cisco Secure ACS for Windows versions in the 4.x series were identified as vulnerable to this issue; other versions and platforms may also be affected.
This issue is being tracked by Cisco Bug IDs CSCse26754 and CSCse26719.