CVE-2009-0742

Name of the Vulnerable Software and Affected Versions Cisco ACE Application Control Engine Module for Catalyst 6500 Switches and 7600 Routers (affected versions not specified) Cisco ACE 4710 Application Control Engine Appliance (affected versions not specified)

Description The issue concerns the storage of cleartext passwords by the username command, allowing attackers to obtain sensitive information in certain contexts.

Recommendations For Cisco ACE Application Control Engine Module for Catalyst 6500 Switches and 7600 Routers, consider disabling the storage of cleartext passwords by the username command until a fix is available. For Cisco ACE 4710 Application Control Engine Appliance, consider disabling the storage of cleartext passwords by the username command until a fix is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.