Cisco Access Control Server File Inclusion Vulnerability (CVE-2015-0729)
Cisco Access Control Server File Inclusion Vulnerability (CVE-2015-0729)
Release date:
Updated on:
Affected Systems:
Cisco Access Control Server
Description:
CVE (CAN) ID: CVE-2015-0729
Cisco Secure Access Control System is an Access policy Control platform.
Cisco Access Control Server (ACS) does not properly verify user input for certain parameters and has a security vulnerability. unauthenticated remote attackers exploit this vulnerability to include executable files, execute any code in the context of the affected site.
<* Source: Cisco
*>
Suggestion:
Vendor patch:
Cisco
-----
Currently, the vendor does not provide patches or upgrade programs. We recommend that users who use the software follow the vendor's homepage to obtain the latest version:
Http://tools.cisco.com/security/center/viewAlert.x? AlertId = 38864
This article permanently updates the link address: