Cisco has released a security advisory to address multiple vulnerabilities in Cisco Secure Access Control System (ACS). These vulnerabilities affect the following:
- Cisco Secure ACS RMI Privilege Escalation Vulnerability
- Cisco Secure ACS RMI Unauthenticated User Access Vulnerability
- Cisco Secure ACS RMI Operating System Command Injection Vulnerability
Successful exploitation could allow a remote, unauthenticated attacker to perform administrative actions on the system.
US-CERT encourages users and administrators to review the following Cisco Security Advisory and apply any necessary updates to help mitigate the risk.