Cisco NAC Manager versions prior to the following are affected by this vulnerability:
The software version of a NAC Manager system can be determined by navigating to Administration > CCA Manager > Software Upload | Current Version
via the administration interface.
The software version can also be determined by running the command cat /perfigo/build in the command-line interface (CLI).
The following example shows a system running affected version (4.9.1) of the software:
[root@nacmanager ~]# cat /perfigo/build
NAME=Clean Access Manager.
Note: Cisco NAC Manager is part of the Cisco NAC Appliance, formerly known as Cisco Clean Access. Software versions 4.1.3 and later are using the name Cisco Network Admission Control (NAC).
With the exception of Cisco NAC Manager no other Cisco products are known to be affected by this vulnerability.
Note: The Cisco NAC Server and NAC Agent components of the Cisco NAC Appliance are not affected by this vulnerability.