Vulnerability Key Information

Vulnerability Description
Vulnerability Name: Cisco Secure ACS Cross Site Scripting Vulnerability
CVE ID: CVE-2006-3101
CWE ID: CWE-79

Vulnerability Details
CVSS Base Score: 4.3/10
Exploit Range: Remote
Impact Subscore: 2.9/10
Attack Complexity: Medium
Exploitability Subscore: 8.6/10
Confidence: Low

Affected Scope
Affected Product: Cisco Secure ACS for Unix
Not Affected: Cisco Secure ACS for Unix, Cisco Secure ACS for Windows, and Cisco Secure ACS Solution Engine are not affected

Exploitation Method
Exploitation: Cross Site Scripting (XSS) attacks can be performed via HTML GET and POST requests
Risk: May cause ACS management users to be redirected to other hosts, enabling proxy login requests back to the real ACS server, while stealing administrator credentials.

Solution
Patch Download: Patch file CSCsd50560 is available for download from Cisco.com and can be applied
Installation Steps: Stop the CiscoSecure process, back up the FastAdmin directory, copy the patch file, then restart the CiscoSecure process

Recommended Actions
Ensure only trusted administrator host IP addresses can access the Cisco Secure ACS server
Restrict network components of the ACS server from being accessed over the internet