
Security Bypass Cisco Secure ACS
Vulnerability: Security Bypass Cisco Secure
ACSDanger: Low
Patch: Yes
Quantity of vulnerabilities: 1
Vector operation: Remote
Impact: Security Bypass
Exploit: functional exploit
Affected Products: Cisco Secure ACS 5.x
Affected versions:
– Cisco Secure ACS 5.0;
– Cisco Secure ACS 5.1;
– Cisco Secure ACS 5.2;
– Cisco Secure ACS 5.3.
Description:
Which can be exploited by malicious people to bypass certain security restrictions on the target system.
The vulnerability is caused due to improper validation user password authentication protocol TACACS +. This can be a special sequence of characters to bypass the authentication mechanism of the system.
Manufacturer: Cisco Systems, Inc.
Solution: To resolve the vulnerability patch from the manufacturer.
links:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20121107-acs