Cisco Secure ACS Portal Interface Session Hijacking
Medium Nessus Plugin ID 72338
SynopsisThe remote host is missing a vendor-supplied security patch.
DescriptionThe version of Cisco Secure Access Control System (ACS) on the remote host is affected by a vulnerability in the Portal Interface. Due to insufficient session management, this could allow a remote, authenticated attacker to perform actions in the portal with the privileges of another user.
SolutionApply the Cisco Secure Access Control System patch referenced in Cisco Bug Id CSCue65951.