Cisco.Secure.ACS.EAP-TLS.Authentication.Bypass
Description
Cisco Secure Access Control Server for Windows (ACS Windows) and Cisco Secure Access Control Server Solution Engine (ACS Solution Engine) version 3.3.1 has an Authentication bypass vulnerability. A remote attacker could access the network via a untrusted certificate with valid username.
Affected Products
Cisco Secure ACS Solution Engine
Cisco Secure ACS for Windows 3.3.1
Impact
Authentication Bypass
Recommended Actions
Upgrade to latest version of Cisco Secure ACS and Solution Engine (3.3.2 or later):
http://www.cisco.com/warp/public/707/cisco-sa-20041102-acs-eap-tls.shtml
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |