Cisco Releases Security Advisories

Cisco has released a security advisory to address a vulnerability in some versions of Cisco Secure Access Control System (ACS). This vulnerability may allow an attacker to change the password of a user account without any previous access to the user's account or knowledge of the account's previous password.



Additionally, Cisco has released a security advisory to address a vulnerability in some versions of the Cisco Network Access Control (NAC) Guest Server System Software. This vulnerability may allow an unauthenticated user to access the protected network.



US-CERT encourages users and administrators to review Cisco security advisories cisco-sa-20110330-acs and cisco-sa-20110330-nac and apply any necessary updates to help mitigate the risks.