Lucene search

MitreCVE-2009-0742

HistoryFeb 26, 2009 - 4:17 p.m.

CVE-2009-0742

2009-02-2616:17:20

CWE-310

mitre

web.nvd.nist.gov

cisco

ace

application control

security

cve-2009-0742

vulnerability

CVSS2

7.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:C/I:N/A:N

AI Score

6.8

Confidence

Low

EPSS

0.001

Percentile

48.6%

JSON

The username command in Cisco ACE Application Control Engine Module for Catalyst 6500 Switches and 7600 Routers and Cisco ACE 4710 Application Control Engine Appliance stores a cleartext password by default, which allows context-dependent attackers to obtain sensitive information.

Affected configurations

Nvd

Node

ciscoapplication_control_engine_module

AND

ciscocatalyst_6500

ciscocatalyst_7600

Node

ciscoace_4710

VendorProductVersionCPE
ciscoapplication_control_engine_module*cpe:2.3:h:cisco:application_control_engine_module:*:*:*:*:*:*:*:*
ciscocatalyst_6500*cpe:2.3:h:cisco:catalyst_6500:*:*:*:*:*:*:*:*
ciscocatalyst_7600*cpe:2.3:h:cisco:catalyst_7600:*:*:*:*:*:*:*:*
ciscoace_4710*cpe:2.3:h:cisco:ace_4710:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
cisco	application_control_engine_module	*	cpe:2.3:h:cisco:application_control_engine_module::::::::
cisco	catalyst_6500	*	cpe:2.3:h:cisco:catalyst_6500::::::::
cisco	catalyst_7600	*	cpe:2.3:h:cisco:catalyst_7600::::::::
cisco	ace_4710	*	cpe:2.3:h:cisco:ace_4710::::::::

References

www.cisco.com/en/US/products/products_security_advisory09186a0080a7bc82.shtml

CVSS2

7.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:C/I:N/A:N

AI Score

6.8

Confidence

Low

EPSS

0.001

Percentile

48.6%

JSON

Related for CVE-2009-0742