CVE-2009-0622

2009-02-2616:17:20

cisco

web.nvd.nist.gov

cve-2009-0622

cisco

ace

application control engine

catalyst 6500

7600 routers

vulnerability

remote execution

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:C/I:C/A:C

AI Score

7.4

Confidence

Low

EPSS

0.002

Percentile

54.9%

JSON

Unspecified vulnerability in Cisco ACE Application Control Engine Module for Catalyst 6500 Switches and 7600 Routers before A2(1.2) and Cisco ACE 4710 Application Control Engine Appliance before A1(8a) allows remote authenticated users to execute arbitrary operating-system commands through a command line interface (CLI).

Affected configurations

Nvd

Node

ciscoapplication_control_engine_moduleRange≤1.1

ciscoapplication_control_engine_moduleMatch1.0

AND

ciscocatalyst_6500

ciscocatalyst_7600

Node

ciscoace_4710

VendorProductVersionCPE
ciscoapplication_control_engine_module*cpe:2.3:h:cisco:application_control_engine_module:*:*:*:*:*:*:*:*
ciscoapplication_control_engine_module1.0cpe:2.3:h:cisco:application_control_engine_module:1.0:*:*:*:*:*:*:*
ciscocatalyst_6500*cpe:2.3:h:cisco:catalyst_6500:*:*:*:*:*:*:*:*
ciscocatalyst_7600*cpe:2.3:h:cisco:catalyst_7600:*:*:*:*:*:*:*:*
ciscoace_4710*cpe:2.3:h:cisco:ace_4710:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
cisco	application_control_engine_module	*	cpe:2.3:h:cisco:application_control_engine_module::::::::
cisco	application_control_engine_module	1.0	cpe:2.3:h:cisco:application_control_engine_module:1.0:::::::*
cisco	catalyst_6500	*	cpe:2.3:h:cisco:catalyst_6500::::::::
cisco	catalyst_7600	*	cpe:2.3:h:cisco:catalyst_7600::::::::
cisco	ace_4710	*	cpe:2.3:h:cisco:ace_4710::::::::