Re: CS ACS for windows downloadable ACL vulnerability
To exploit the weakness someone has to sniff the traffic between a device and ACS during a DACL exchange to capture the pseudo username used.
That fake username could be used to get access via any RADIUS protected services.
So its definately worth getting the fix, but only someone inside the organistion with access to the LAN traffic between ACS and device could get it.
BTW, editing the DACL (just re-save) changes the timestamp value used to name it - and hence renders any previously sniffed names useless. So until the fix is in place you could do periodic editing of the DACLs.
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...