Cisco has issued a security fix for certain versions of its Cisco Secure Access Control Server (ACS) for Windows and the Cisco Secure ACS Solution Engine.
By submitting your email address, you agree to receive emails regarding relevant topic offers from TechTarget and its partners. You can withdraw your consent at any time. Contact TechTarget at 275 Grove Street, Newton, MA.
Cisco said the problem caused multiple vulnerabilities, including the threat of crashed services. Two of the vulnerabilities may also permit arbitrary code execution by remote attackers after exploitation of the problem.
Versions of Cisco Secure Access Control Server for Windows and Cisco Secure Access Control Server Solution Engine prior to 4.1 are vulnerable, said Cisco.
The solutions support remote dial-in user access. The vulnerabilities were reported to Cisco by various security researchers.
More details on the problem are available here:
Click to read articles on security
Comment on this article: firstname.lastname@example.org