Cisco Secure ACS RMI Arbitrary File Read (CSCud75169)
Medium Nessus Plugin ID 72140
SynopsisThe remote host is missing a vendor-supplied security patch.
DescriptionThe version of Cisco Secure Access Control System (ACS) on the remote host is affected by a vulnerability in the Remote Method Invocation (RMI) interface. Due to insufficient authorization enforcement, this issue could allow a remote, authenticated attacker to read arbitrary files on the ACS server.
SolutionApply the Cisco Secure Access Control System patch referenced in Cisco Bug Id CSCud75169.