PT-2009-3263 · Cisco · Cisco Ace Application Control Engine Module+3

Published

2009-02-26

Updated

2009-02-27

CVE-2009-0622

CVSS v2.0

9.0

High

Vector

AV:N/AC:L/Au:S/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Cisco ACE Application Control Engine Module for Catalyst 6500 Switches and 7600 Routers versions prior to A2(1.2) Cisco ACE 4710 Application Control Engine Appliance versions prior to A1(8a)

Description The issue allows remote authenticated users to execute arbitrary operating-system commands through a command line interface (CLI).

Recommendations For Cisco ACE Application Control Engine Module for Catalyst 6500 Switches and 7600 Routers versions prior to A2(1.2), update to version A2(1.2) or later. For Cisco ACE 4710 Application Control Engine Appliance versions prior to A1(8a), update to version A1(8a) or later.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2009-0622

Affected Products

7600 Routers

Catalyst 6500 Switches

Cisco Ace 4710 Application Control Engine Appliance

Cisco Ace Application Control Engine Module

PT-2009-3263 · Cisco · Cisco Ace Application Control Engine Module+3

CVE-2009-0622

Related Identifiers

Affected Products

References · 4