Cisco Secure Access Control System Input Validation Flaw Lets Remote Authenticated Users Inject SQL Commands
SecurityTracker Alert ID: 1031740
SecurityTracker URL: http://securitytracker.com/id/1031740
Updated: Mar 12 2015
Original Entry Date: Feb 11 2015
Impact: Disclosure of system information, Disclosure of user information, User access via network
Fix Available: Yes
Vendor Confirmed: Yes
Version(s): prior to 5.5 patch 8
A vulnerability was reported in Cisco Secure Access Control System (ACS). A remote authenticated user can inject SQL commands.
The ACS View reporting interface does not properly validate user-supplied input. A remote authenticated administrator-level user can supply a specially crafted parameter value via HTTPS to execute SQL commands against the underlying ACS View database. This can be exploited to read and modify information stored in the database, such as RADIUS accounting records, and to access information on the underlying file system.
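The advisory does not publish the affected parameter or a payload, so the following is an added illustration, not Cisco code and not derived from the bug itself: it shows the general pattern behind a report-filter SQL injection of this kind using Python's built-in sqlite3. The table names, columns, sample accounting rows, the second table holding an admin hash, and the payloads are all constructed for the example. The vulnerable report splices the filter value and the sort column straight into the statement; the hardened version binds the value as a parameter and checks the sort column (an identifier, which cannot be bound) against a fixed allow-list.

```python
import sqlite3

# Constructed sample data: a hypothetical accounting table standing in for the
# ACS View reporting data, plus a second table an attacker would want to read.
ACCT_ROWS = [
    ("alice", "10.0.0.1", 120),
    ("bob", "10.0.0.2", 300),
    ("carol", "10.0.0.3", 45),
]
SECRET_ROWS = [("admin", "hash-of-admin-password")]

# Identifiers (column names) cannot be bound as parameters, so the sort
# column must be checked against a fixed allow-list instead.
ALLOWED_SORT_COLUMNS = ("username", "nas_ip", "session_time")

# Payloads an authenticated user could send as the filter parameter (constructed).
TAUTOLOGY = "' OR '1'='1"
UNION_READ = "' UNION SELECT name, pw_hash, 0 FROM admin_users --"
# Blind probe for the sort-column position: flips the ordering of the result
# set when the guessed first character of the admin hash is right.
BLIND_SORT = ("CASE WHEN (SELECT substr(pw_hash,1,1) FROM admin_users)='h' "
              "THEN session_time ELSE username END")


def make_db():
    """In-memory database seeded with the constructed rows (hypothetical schema)."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE radius_acct (username TEXT, nas_ip TEXT, session_time INTEGER)")
    conn.execute("CREATE TABLE admin_users (name TEXT, pw_hash TEXT)")
    conn.executemany("INSERT INTO radius_acct VALUES (?, ?, ?)", ACCT_ROWS)
    conn.executemany("INSERT INTO admin_users VALUES (?, ?)", SECRET_ROWS)
    return conn


def report_vulnerable(conn, username, sort_by="username"):
    """Flawed pattern: request parameters are spliced into the SQL text."""
    sql = ("SELECT username, nas_ip, session_time FROM radius_acct "
           "WHERE username = '" + username + "' ORDER BY " + sort_by)
    return conn.execute(sql).fetchall()


def report_hardened(conn, username, sort_by="username"):
    """Fixed pattern: the value is bound, the identifier is allow-listed."""
    if sort_by not in ALLOWED_SORT_COLUMNS:
        raise ValueError("unsupported sort column: %r" % (sort_by,))
    sql = ("SELECT username, nas_ip, session_time FROM radius_acct "
           "WHERE username = ? ORDER BY " + sort_by)
    return conn.execute(sql, (username,)).fetchall()


def demo():
    """Runs each payload through both versions and returns the outcomes."""
    conn = make_db()
    results = {
        # Tautology returns every accounting row instead of one user's.
        "vuln_tautology": report_vulnerable(conn, TAUTOLOGY),
        # UNION pulls the admin hash out of an unrelated table.
        "vuln_union": report_vulnerable(conn, UNION_READ),
        # Blind ORDER BY: first row is "carol" only if the hash starts with 'h'.
        "vuln_blind_first_row": report_vulnerable(conn, TAUTOLOGY, BLIND_SORT)[0][0],
        # Bound parameter: the payloads are just usernames that match nothing.
        "hard_tautology": report_hardened(conn, TAUTOLOGY),
        "hard_union": report_hardened(conn, UNION_READ),
        "hard_normal": report_hardened(conn, "bob"),
    }
    try:
        report_hardened(conn, "bob", BLIND_SORT)
        results["hard_blind"] = "accepted"
    except ValueError:
        results["hard_blind"] = "rejected"
    return results


if __name__ == "__main__":
    for name, value in demo().items():
        print(name, "->", value)
```

The blind ORDER BY probe is included because it is the case parameter binding alone does not cover: a sort column is an identifier, so the only defence is to reject anything not on the allow-list, which is what `report_hardened` does before building the statement.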
The vendor has assigned bug ID CSCuq79027 to this vulnerability.
Lukasz Plonka from ING Services Polska reported this vulnerability.
Impact: A remote authenticated administrator-level user can execute SQL commands on the underlying database.
Solution: The vendor has issued a fix (5.5 patch 8).
[Editor's note: On March 11, 2015, the vendor updated their advisory to indicate that version 5.5 patch 7 is still vulnerable and that 5.5 patch 8 contains the proper fix.]
The vendor's advisory is available at:
Vendor URL: tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150211-csacs
Cause: Input validation error
Underlying OS: Windows (Any)
Source Message Contents
Subject: Cisco Security Advisory: Cisco Secure Access Control System SQL Injection Vulnerability
Cisco Secure Access Control System SQL Injection Vulnerability
Advisory ID: cisco-sa-20150211-csacs
For Public Release 2015 February 11 16:00 UTC (GMT)
Cisco Secure Access Control System (ACS) prior to version 5.5 patch 7 is vulnerable to a SQL injection attack in the ACS View reporting interface pages. A successful attack could allow an authenticated, remote attacker to access and modify information such as RADIUS accounting records stored in one of the ACS View databases or to access information in the underlying file system.
Cisco has released free software updates that address this vulnerability.
This advisory is available at the following link: