Cisco Releases Security Advisory for Cisco Secure Access Control System

Original release date: January 15, 2014

Cisco has released a security advisory to address multiple vulnerabilities in Cisco Secure Access Control System (ACS). These vulnerabilities affect the following:

  • Cisco Secure ACS RMI Privilege Escalation Vulnerability
  • Cisco Secure ACS RMI Unauthenticated User Access Vulnerability
  • Cisco Secure ACS RMI Operating System Command Injection Vulnerability

Successful exploitation could allow a remote, unauthenticated attacker to perform administrative actions on the system. 

US-CERT encourages users and administrators to review the following Cisco Security Advisory and apply any necessary updates to help mitigate the risk.


This product is provided subject to this Notification and this Privacy & Use policy.