Cisco advisory CISCO-SA-20150309-CVE-2014-2130
Mar 09, 2015 - 8:42 p.m.

Cisco Secure Access Control Server Default Tomcat Administration Interface Vulnerability

2015-03-09 20:42:32
Source: tools.cisco.com
CVSS2: 6.5 (AV:N/AC:L/Au:S/C:P/I:P/A:P)
Attack Vector: NETWORK
Attack Complexity: LOW
Authentication: SINGLE
Confidentiality Impact: PARTIAL
Integrity Impact: PARTIAL
Availability Impact: PARTIAL

EPSS: 0.002
Percentile: 53.9%

A vulnerability in Cisco Secure Access Control Server (ACS) may allow an authenticated, remote attacker to render the ACS web interface unreachable and to execute arbitrary code on the server with the privileges of the web server.

The vulnerability is due to a default Tomcat administration web interface, which was included unintentionally. An attacker who has an ACS administrative account could exploit this vulnerability by accessing the Tomcat administration interface and modifying the ACS application files and web interface configuration.

Cisco has confirmed the vulnerability in a security notice and released software updates.

To exploit this vulnerability, an attacker must authenticate to the targeted system. This access requirement decreases the likelihood of a successful exploit.

Affected configurations

Node: cisco secure_access_control_system (match: any)

Vendor: cisco
Product: secure_access_control_system
Version: any
CPE: cpe:2.3:a:cisco:secure_access_control_system:any:*:*:*:*:*:*:*
