← Back

CVE-2009-0742

nvd nist
Published: Feb 26, 2009Modified: Apr 23, 2026

JSON object

Loading...
7.8
Vector
AV:N/AC:L/Au:N/C:C/I:N/A:N
Exploitability: 10.0 / Impact: 6.9
Source: NVD

Description

The username command in Cisco ACE Application Control Engine Module for Catalyst 6500 Switches and 7600 Routers and Cisco ACE 4710 Application Control Engine Appliance stores a cleartext password by default, which allows context-dependent attackers to obtain sensitive information.

Affected (2)

Cisco
2 products
Application Control Engine Module
Ace 4710
Configuration A
1 vulnerable · 2 platform
Vulnerable SoftwareAffected Versions
Application Control Engine Module
All versions
Running on/withPlatform Versions
Cisco
Catalyst 6500
All versions
Cisco
Catalyst 7600
All versions
Configuration B
1 vulnerable
Vulnerable SoftwareAffected Versions
Ace 4710
All versions

Related CWEs

CWE-310
CWE-310

References (2)

Source: cve@mitre.org
PatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
PatchVendor Advisory

Timeline

No history available yet.