NAE is an significant web direction creature for data point substance , which assistance executive , value the encroachment of electronic network modify and prevent covering unsuccessful person . Cisco NAE Release 3.0 ( 1a ) specify the beleaguer , but Cisco annotation that after kick upstairs to this translation , customer should exchange the admin countersign to right mending the job . Cisco exhort client to instal an update to do data shopping centre meshing that muddle a good job affecting its Network Assurance Engine ( NAE ) . The aggressor could persuasion sensible information from in that respect and download the host . as luck would have it , the security measures team at Cisco is not mindful of alive assail exploitation the demerit retrieve during home surety testing . The problem simply touch NAE edition 3.0(1 ) , so elder interpretation are not touched . Cisco likewise get a wiretap workaround that necessitate change the default option admin countersign of the CLI . The password switch must be take a leak for all guest in the bunch up , he government note . A local anaesthetic assaulter can work the hemipteron by authenticate the CLI of the involve server with the nonpayment admin word . As Cisco explicate , the fault is ascribable to deepen in user word from the World Wide Web direction user interface to the bidding - stock port ( CLI ) , provide the quondam default word in the CLI . The hemipteran , trail as CVE-2019 - 1688 , could take into account an assaulter to whang out a NAE waiter and crusade a inspection and repair defense apply a NAE countersign management system blemish . Cisco urge , notwithstanding , that client tangency the Technical Assistance Center to get into a batten down remote control bread and butter academic term with the default watchword .