The team rated the bug as a "moderate risk," but it can be remotely exploited.
Upon installation of NetFlow Circulation Engine, default user credentials are created, according to an advisory from US-CERT, resulting in remote attackers with knowledge of the credentials being able to gain access to an affected system.
Cisco recommended upgrading to version 6.0, which is not a free download.
The NetFlow Collection Engine is used to collect and analyze IP traffic from devices, such as switches and routers, according to Cisco. The data helps administrators detect threats such as DoS attacks and worms.