Signature Detail
Short Name |
APP:CISCO:SECUREACS-AUTH-BYPASS |
|---|---|
Severity |
Medium |
Recommended |
No |
Recommended Action |
Drop |
Category |
APP |
Keywords |
Cisco Secure Access Control Server Authorization Bypass |
Release Date |
2013/07/03 |
Update Number |
2278 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
APP: Cisco Secure Access Control Server Authorization Bypass
This signature detects attempts to exploit a known vulnerability against Cisco Secure ACS. Version 3.3.1 is vulnerable. Attackers can bypass mandatory certificate checks and gain unauthorized access.
Extended Description
Cisco Secure Access Control Server is affected by a remote authentication bypass vulnerability. This issue is due to a failure of the software to properly validate user credentials prior to granting access. The problem presents itself when an attacker attempts to authenticate to the affected server. Apparently the application will grant access to any attacker that presents a valid user name and a certificate that is cryptographically correct. An attacker can leverage this issue to gain unauthorized remote access to any devices or networks that rely on the affected software for access control.
Affected Products
- Cisco Secure Access Control Server 3.3.1
- Cisco Secure ACS Solution Engine 3.3.1
- Cisco Secure ACS Solution Engine
References
- BugTraq: 11577
- CVE: CVE-2004-1099