Introduction
Due to the release of the Multiple Vulnerabilities in Cisco Secure Access Control System advisory an upgrade to ACS 5.5 is now required.
| 5.0 | 5.1 | 5.2 | 5.3 | 5.4 |
Cisco Secure ACS RMI Privilege Escalation Vulernability | Migrate to 5.5 or later | Migrate to 5.5 or later | Migrate to 5.5 or later | Migrate to 5.5 or later | Migrate to 5.5 |
Cisco Secure ACS RMI Unauthenticated User Access Vulnerability | Migrate to 5.5 or later | Migrate to 5.5 or later | Migrate to 5.5 or later | Migrate to 5.5 or later | Migrate to 5.5 |
Cisco Secure ACS Operating System Command Injection Vulnerability | Migrate to 5.4 or later | Migrate to 5.4 or later | Migrate to 5.4 or later | Migrate to 5.4 or later | 5.4 Patch 3 |
First Fixed release for all vulnerabilities in this advisory
| | | | | 5.5
|
New and Changed Features
The following sections briefly describe the new and changed features in the 5.5 release:
Source: http://www.cisco.com/c/en/us/td/docs/net_mgmt/cisco_secure_access_control_system/5-5/release/notes/acs_55_rn.html#pgfId-71092
Steps to upgrade to 5.5
Due to CSCum04132 and CSCum26584, the following steps should be followed:
- Install the appropiate Pointed patch available for the current ACS version.
For 5.3 --> Pointed-PreUpgrade-CSCum04132-5-3-0-40.tar.gpg
For 5.4 --> Pointed-PreUpgrade-CSCum04132-5-4-0-46-0a.tar.gpg
- Install the 5.5 upgrade package: ACS_5.5.0.46.tar.gz
- Install the cumulative 5.5 patch: 5-5-0-46-1.tar.gpg
- To upgrade from ACS 5.4 to 5.5 patch-1, it is important to run the command "database-compress" prior to installing the Pointed Patch.
Note: In case of a Distributed deployment scenario, please deregister the secondary from the primary before the upgrade. Once both appliances run 5.5, including the cumulatve patch, register the secondary again.
Useful commands
- show repository your_repository
- show application status acs
- acs install patch Pointed-PreUpgrade-CSCum04132-5-3-0-40.tar.gpg repository your_repository
- application upgrade ACS_5.5.0.46.tar.gz your_repository
HTH.
- Javier