Cisco Bug: CSCut62022 - Too many REST calls can cause DoS on the ACS
Jan 25, 2018
- Cisco Secure Access Control Server Solution Engine
Known Affected Releases
Symptom: A vulnerability in the Representational State Transfer (REST) Application Programming Interface (API) of the Access Control Server (ACS) could allow an unauthenticated, remote attacker to cause the ACS to reject or not service a valid ACS REST API request. The vulnerability is due to how the ACS REST API handles increased traffic load. An attacker could exploit this vulnerability by using a distributed denial-of-service (DoS) traffic pattern to increase the traffic load on the REST API of the ACS server. An exploit could allow the attacker to cause the ACS REST API to reject or not service valid requests.
Conditions: The ACS REST feature is enabled via the 'acs config-web-interface rest enable' command.