What is the severity of CVE-2009-0622?

CVE-2009-0622 has a high severity rating due to its ability to allow remote authenticated users to execute arbitrary operating-system commands.

How do I fix CVE-2009-0622?

To fix CVE-2009-0622, update the Cisco ACE Application Control Engine and ACE Module to the latest versions as specified by Cisco.

Who is affected by CVE-2009-0622?

CVE-2009-0622 affects users of the Cisco ACE 4710 Application Control Engine and Cisco ACE Application Control Engine Module prior to specified versions.

What type of attack is possible with CVE-2009-0622?

CVE-2009-0622 can be exploited to perform remote command execution by authenticated users.

When was CVE-2009-0622 publicly disclosed?

CVE-2009-0622 was publicly disclosed in 2009, allowing for awareness and mitigation efforts.

Vulnerability/
CVE-2009-0622

critical

CWE

NVD-CWE-Other

26/2/2009

27/2/2009

CVE-2009-0622

First published: Thu Feb 26 2009(Updated: )

Unspecified vulnerability in Cisco ACE Application Control Engine Module for Catalyst 6500 Switches and 7600 Routers before A2(1.2) and Cisco ACE 4710 Application Control Engine Appliance before A1(8a) allows remote authenticated users to execute arbitrary operating-system commands through a command line interface (CLI).

Credit: ykramarz@cisco.com

Affected Software	Affected Version	How to fix
Cisco ACE 4710 Application Control Engine
Cisco ACE Module	<=1.1
Cisco ACE Module	=1.0
Cisco Catalyst 6500-E
Cisco Catalyst 7600

Remedy

http://www.cisco.com/en/US/products/products_security_advisory09186a0080a7bc82.shtml

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2009-0622?
CVE-2009-0622 has a high severity rating due to its ability to allow remote authenticated users to execute arbitrary operating-system commands.
How do I fix CVE-2009-0622?
To fix CVE-2009-0622, update the Cisco ACE Application Control Engine and ACE Module to the latest versions as specified by Cisco.
Who is affected by CVE-2009-0622?
CVE-2009-0622 affects users of the Cisco ACE 4710 Application Control Engine and Cisco ACE Application Control Engine Module prior to specified versions.
What type of attack is possible with CVE-2009-0622?
CVE-2009-0622 can be exploited to perform remote command execution by authenticated users.
When was CVE-2009-0622 publicly disclosed?
CVE-2009-0622 was publicly disclosed in 2009, allowing for awareness and mitigation efforts.

agent/references
agent/type
agent/first-publish-date
agent/last-modified-date
agent/event
agent/severity
agent/weakness
agent/remedy
agent/author
agent/description
agent/tags
agent/softwarecombine
collector/nvd-historical
agent/software-canonical-lookup-request
collector/nvd-index
vendor/cisco
canonical/cisco ace 4710 application control engine
canonical/cisco ace module
version/cisco ace module/1.1
version/cisco ace module/1.0
canonical/cisco catalyst 6500-e
canonical/cisco catalyst 7600

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.

Frequently Asked Questions

What is the severity of CVE-2009-0622?
CVE-2009-0622 has a high severity rating due to its ability to allow remote authenticated users to execute arbitrary operating-system commands.
How do I fix CVE-2009-0622?
To fix CVE-2009-0622, update the Cisco ACE Application Control Engine and ACE Module to the latest versions as specified by Cisco.
Who is affected by CVE-2009-0622?
CVE-2009-0622 affects users of the Cisco ACE 4710 Application Control Engine and Cisco ACE Application Control Engine Module prior to specified versions.
What type of attack is possible with CVE-2009-0622?
CVE-2009-0622 can be exploited to perform remote command execution by authenticated users.
When was CVE-2009-0622 publicly disclosed?
CVE-2009-0622 was publicly disclosed in 2009, allowing for awareness and mitigation efforts.