Cisco Releases Security Advisory for Cisco Secure Access Control System

Cisco has released a security advisory to address multiple vulnerabilities in Cisco Secure Access Control System (ACS). These vulnerabilities affect the following:

• Cisco Secure ACS RMI Privilege Escalation Vulnerability
• Cisco Secure ACS RMI Unauthenticated User Access Vulnerability
• Cisco Secure ACS RMI Operating System Command Injection Vulnerability

Successful exploitation could allow a remote, unauthenticated attacker to perform administrative actions on the system. 

US-CERT encourages users and administrators to review the following Cisco Security Advisory and apply any necessary updates to help mitigate the risk.