Description
Cisco Secure Access Control Server (ACS) 3.2(3) and earlier spawns a separate unauthenticated TCP connection on a random port when a user authenticates to the ACS GUI, which allows remote attackers to bypass authentication by connecting to that port from the same IP address.
Affected products
- Cisco / secure_access_control_server 3.0 – 3.0
- Cisco / secure_access_control_server 3.1 – 3.1
- Cisco / secure_access_control_server 3.2 – 3.2
- Cisco / secure_access_control_server 3.2(1) – 3.2(1)
- Cisco / secure_access_control_server 3.2(2) – 3.2(2)
- Cisco / secure_access_control_server 3.2(3) – 3.2(3)
- Cisco / secure_access_control_server 3.3 – 3.3
- Cisco / secure_access_control_server 3.3(1) – 3.3(1)
- Cisco / secure_acs_solution_engine