Cross-site request forgery (CSRF) vulnerability in Administration and View pages in Cisco Secure Access Control System (ACS) allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCud75177.
https://exchange.xforce.ibmcloud.com/vulnerabilities/85625
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-3424