All systems running Cisco IOS Software version 11.3(1.2) or 11.3(1.2)T,
and which use TACACS+, RADIUS, or other AAA services for authorization, are
affected by this vulnerability. If your configuration includes any command
beginning with "aaa authorization", then you are vulnerable. Systems using AAA
strictly for login authentication, as opposed to service authorization, and
systems using local authentication, are unaffected.
We believe that the most commonly affected configurations will be those
using TACACS+ or RADIUS servers.
Systems running engineering special releases containing the fix for bug
ID CSCdi51915 may also be affected. If you are a
user and you have logged in, you can view bug details.
registered customers only)
No other Cisco products are currently known to be affected by these