Vulnerability Description
Cisco ACE 4710 Application Control Engine Appliance before A1(8a) uses default (1) usernames and (2) passwords for (a) the administrator, (b) web management, and (c) device management, which makes it easier for remote attackers to perform configuration changes to the Device Manager and other components, or obtain operating-system access.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cisco | Ace 4710 | All versions |
Related Weaknesses (CWE)
References
- http://www.cisco.com/en/US/products/products_security_advisory09186a0080a7bc82.sPatchVendor Advisory
- http://www.securityfocus.com/bid/33900
- http://www.cisco.com/en/US/products/products_security_advisory09186a0080a7bc82.sPatchVendor Advisory
- http://www.securityfocus.com/bid/33900
FAQ
What is CVE-2009-0621?
CVE-2009-0621 is a vulnerability with a CVSS score of 10.0 (HIGH). Cisco ACE 4710 Application Control Engine Appliance before A1(8a) uses default (1) usernames and (2) passwords for (a) the administrator, (b) web management, and (c) device management, which makes it ...
How severe is CVE-2009-0621?
CVE-2009-0621 has been rated HIGH with a CVSS base score of 10.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2009-0621?
Check the references section above for vendor advisories and patch information. Affected products include: Cisco Ace 4710.