Cisco Secure Access Control (cisco-sa-20180502-acs1)
Critical Nessus Plugin ID 110399
SynopsisThe remote host is missing a vendor-supplied security patch.
DescriptionThe version of Cisco Secure Access Control System (ACS) running on the remote host is prior to 22.214.171.124.7 Cumulative Patch. It is, therefore, affected by a flaw in the ACS Report component that is triggered when handling specially crafted Action Message Format (AMF) messages. This may allow a remote attacker to potentially execute arbitrary code.
SolutionUpgrade to version 126.96.36.199.7 Cumulative Patch or later.