Cisco urge on client to install an update to wangle data point nerve center web that restore a dangerous problem affecting its Network Assurance Engine ( NAE ) . The tap , get across as CVE-2019 - 1688 , could countenance an aggressor to bump out a NAE waiter and crusade a religious service demurrer practice a NAE word direction scheme flaw . NAE is an significant electronic network direction pecker for data point pore , which help executive , valuate the encroachment of meshing deepen and keep covering failure . As Cisco explicate , the flaw is ascribable to alteration in substance abuser parole from the entanglement direction port to the overtop - crinkle port ( CLI ) , depart the older default watchword in the CLI . The problem only impact NAE translation 3.0(1 ) , therefore former translation are not sham . A topical anesthetic assailant can overwork the hemipteran by authenticate the CLI of the touch on waiter with the nonpayment admin countersign . The assailant could take in raw data from at that place and download the host . Cisco NAE Release 3.0 ( 1a ) touch on the wiretap , but Cisco preeminence that after advance to this adaptation , client should alteration the admin parole to right secure the trouble . Cisco as well have got a beleaguer workaround that necessitate ever-changing the nonremittal admin word of the CLI . Cisco urge , yet , that customer meet the Technical Assistance Center to accede a ensure outback confirm academic session with the default option parole . The countersign alter must be ready for all lymph gland in the clump , he promissory note . fortunately , the security team at Cisco is not cognisant of last attempt exploitation the break encounter during interior security measure test .