Cisco Releases Security Advisory for Cisco Secure Access Control Systems (ACS)

Cisco Secure Access Control Systems (ACS) contains a vulnerability that could allow an unauthenticated, remote attacker to bypass the TACACS+ based authentication service offered by the product.

Cisco has released software updates that address this vulnerability.

US-CERT encourages users and administrators to review the Cisco Security Advisory 20121107-ACS and follow best practice security policies to determine if their organization is affected and the appropriate response.

This product is provided subject to this Notification and this Privacy & Use policy.