Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
385
Views
5
Helpful
1
Replies

CSCuw24700 - Cisco ACS SQL Injection Vulnerability

covasangenut
Level 1
Level 1

‎10-26-2016 11:00 PM - edited ‎02-21-2020 10:31 AM

hi

I see reported affected version specific 5.7(0.15) by this bug

Anyone knows if bellow versions are affected also? like Cisco ACS v3.2??

thank you in advance

Labels:
0 Helpful
1 Reply 1

nspasov
Cisco Employee
Cisco Employee

‎11-04-2016 06:03 PM

Hi there, according to the details listed in the bug, only 5.7(0.15) is affected by this. Also, starting with v5, the architecture was completely changed in ACS by going to Linux. Prior to 5.x, ACS was running on the top of Windows. Thus, it is highly unlikely that those versions are affected. 

With that said, it is best to reach out to Cisco TAC and confirm 100% whether other versions (not listed on the bug details page) are affected. 

Also, keep in mind that ACS v3.x is EoL/EoS :)

I hope this helps!

Thank you for rating helpful posts!

Customers Also Viewed These Support Documents