CVE-2009-0620 — HIGH (10.0)

Q: How severe is CVE-2009-0620?

CVE-2009-0620 has been rated HIGH with a CVSS base score of 10.0/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2009-0620?

Check the references section above for vendor advisories and patch information. Affected products include: Cisco Catalyst, Cisco Application Control Engine Module.

Vulnerability Description

Cisco ACE Application Control Engine Module for Catalyst 6500 Switches and 7600 Routers before A2(1.1) uses default (1) usernames and (2) passwords for (a) the administrator and (b) web management, which makes it easier for remote attackers to perform configuration changes or obtain operating-system access.

CVSS Score

10.0

HIGH

AV:N/AC:L/Au:N/C:C/I:C/A:C

Confidentiality

COMPLETE

Integrity

COMPLETE

Availability

COMPLETE

Affected Products

Vendor	Product	Versions
Cisco	Catalyst	6500
Cisco	Application Control Engine Module	<= 0

Related Weaknesses (CWE)

CWE-255

References

FAQ

What is CVE-2009-0620?

CVE-2009-0620 is a vulnerability with a CVSS score of 10.0 (HIGH). Cisco ACE Application Control Engine Module for Catalyst 6500 Switches and 7600 Routers before A2(1.1) uses default (1) usernames and (2) passwords for (a) the administrator and (b) web management, wh...

How severe is CVE-2009-0620?

CVE-2009-0620 has been rated HIGH with a CVSS base score of 10.0/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2009-0620?

Check the references section above for vendor advisories and patch information. Affected products include: Cisco Catalyst, Cisco Application Control Engine Module.