Command Injection Vulnerability in Cisco Web Security and Email Security Appliances

CVE-2013-3384

Summary

A command injection vulnerability exists in Cisco Web Security Appliance, Email Security Appliance, and Content Security Management Appliance, allowing remote authenticated users to execute arbitrary commands by sending crafted command-line input in URL requests. This vulnerability impacts multiple versions of the respective products, enhancing the potential attack surface for malicious actors aiming to manipulate system functionality.

References