Cisco Secure Access Control System Distributed Deployment Denial of Service Vulnerability

ID CISCO-SA-20131023-CVE-2013-5536
Type cisco
Reporter Cisco
Modified 2013-10-23T16:31:01


A vulnerability in the firewall modules of Cisco Secure Access Control System (ACS) could allow an unauthenticated, remote attacker to cause certain internal processes to crash.

The vulnerability is due to improper implementation of the firewall rule that is intended to limit incoming packets. An attacker could exploit this vulnerability by flooding the affected service with crafted packets. An exploit could allow the attacker to render some processes nonoperational, resulting in a denial of service (DoS) condition.

Cisco has confirmed the vulnerability in a security notice; however, software updates are not available.

Cisco indicates through the CVSS score that functional exploit code exists; however, the code is not known to be publicly available.