Cisco Secure Access Control System TACACS+ Authentication Bypass (cisco-sa-20121107-acs)

This script is Copyright (C) 2013-2014 Tenable Network Security, Inc.


Synopsis :

The remote host is missing a vendor-supplied security patch.

Description :

The version of Cisco Secure Access Control (ACS) running on the remote
host has an authentication bypass vulnerability. When the system is
configured with an LDAP external identity store and TACACS+ is the
authentication protocol, the user-supplied password is not properly
validated. A remote attacker could exploit this to authenticate as a
known user to any system using TACACS+ in conjunction with an affected
Cisco Secure ACS.

See also :

http://www.nessus.org/u?db07b48f

Solution :

Upgrade to the relevant Cisco Secure Access Control System version
referenced in Cisco Security Advisory cisco-sa-20121107-acs.

Risk factor :

Medium / CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N)
CVSS Temporal Score : 4.1
(CVSS2#E:F/RL:OF/RC:C)
Public Exploit Available : true

Family: CISCO

Nessus Plugin ID: 69135 ()

Bugtraq ID: 56433

CVE ID: CVE-2012-5424