PT-2009-3360 · Cisco · Cisco Ace Application Control Engine Module+1
Published
2009-02-26
·
Updated
2009-02-27
·
CVE-2009-0742
CVSS v2.0
7.8
High
| Vector | AV:N/AC:L/Au:N/C:C/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Cisco ACE Application Control Engine Module for Catalyst 6500 Switches and 7600 Routers (affected versions not specified)
Cisco ACE 4710 Application Control Engine Appliance (affected versions not specified)
Description
The issue concerns the storage of cleartext passwords by the
username command, allowing attackers to obtain sensitive information in certain contexts.Recommendations
For Cisco ACE Application Control Engine Module for Catalyst 6500 Switches and 7600 Routers, consider disabling the storage of cleartext passwords by the
username command until a fix is available.
For Cisco ACE 4710 Application Control Engine Appliance, consider disabling the storage of cleartext passwords by the username command until a fix is available.
At the moment, there is no information about a newer version that contains a fix for this vulnerability. Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Cisco Ace 4710 Application Control Engine Appliance
Cisco Ace Application Control Engine Module