Cisco Releases Security Advisory
Last Revised
Cisco has released a security advisory to address a vulnerability in Cisco Secure Access Control Server (ACS) versions 4.0 through 4.2.1.15. This vulnerability could allow an unauthenticated, remote attacker to execute arbitrary commands. The vulnerability is only present when Cisco ACS is configured as a RADIUS server.
Cisco has released software updates that address this vulnerability.
US-CERT encourages administrators of this software to review Cisco Security Advisory 20130828-ACS, and follow best practice security policies to determine if their organization is affected and the appropriate response.
This product is provided subject to this Notification and this Privacy & Use policy.