Cisco: >> Secure Access Control Server >> 3.2 Security Vulnerabilities
Cisco Secure Access Control Server (ACS) 3.2(3) and earlier spawns a separate unauthenticated TCP connection on a random port when a user authenticates to the ACS GUI, which allows remote attackers to bypass authentication by connecting to that port from the same IP address.
CVSS Score
7.5
EPSS Score
0.006
Published
2004-12-31
Page 2