CVE-2009-0621

Name of the Vulnerable Software and Affected Versions Cisco ACE 4710 Application Control Engine Appliance versions prior to A1(8a)

Description The issue allows remote attackers to perform configuration changes or obtain operating-system access due to the use of default usernames and passwords for administrator, web management, and device management.

Recommendations For versions prior to A1(8a), update to A1(8a) or later to resolve the issue. As a temporary workaround, consider changing the default usernames and passwords for the administrator, web management, and device management to minimize the risk of exploitation. Restrict access to the Device Manager and other components until the update is applied.