CiscoSecure ACS Server 2.4(2) and earlier allows remote attackers to bypass LDAP authentication on the server if the LDAP server allows null passwords.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Secure_access_control_server | Cisco | 2.1 | 2.1 |
Secure_access_control_server | Cisco | 2.3(3) | 2.3(3) |
Secure_access_control_server | Cisco | 2.4(2) | 2.4(2) |