Default Credentials Vulnerability in Cisco ACE for Catalyst 6500 and 7600 Routers
CVE-2009-0620

Currently unrated

Key Information:

Vendor: Cisco
Status: Application Control Engine Module
Vendor: CVE Published:; 26 February 2009

Summary

The Cisco ACE Application Control Engine Module for Catalyst 6500 Switches and 7600 Routers prior to version A2(1.1) is susceptible to unauthorized access due to the use of default usernames and passwords for both administrator and web management interfaces. This flaw allows remote attackers to exploit these default settings, enabling them to make unauthorized configuration changes or gain OS-level access without substantial barriers.

References

http://www.cisco.com/en/US/products/products_security_adv...

vendor-advisoryx_refsource_CISCO

http://www.securityfocus.com/bid/33900

vdb-entryx_refsource_BID

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Feb 26, 2009