A weakness has been reported in Cisco Guard, which potentially allows malicious people to gain access to the administrative account.
The problem is that Cisco Guard inappropriately sets a default password for the "root" account during installation instead of prompting the user for a new password.
Successful exploitation will provide access to the system.
This affects all Cisco Guard versions prior to 3.1.
OPERATING SYSTEM:
Cisco Guard 3.x
SOLUTION:
Change the password for the "root" account.
PROVIDED AND/OR DISCOVERED BY:
Reported by vendor.
ORIGINAL ADVISORY:
http://www.cisco.com/en/US/products/products_security_advisory09186a008037d0c5.shtml
http://community.securityteam.us/article.php/20041216101334999