Command Injection Vulnerability in Cisco UCS Manager and Firepower Products
CVE-2017-6597
7.8HIGH
Key Information:
- Vendor
Cisco
- Status
- Vendor
- CVE Published:
- 7 April 2017
What is CVE-2017-6597?
A vulnerability exists within the local-mgmt CLI command of Cisco UCS Manager, Cisco Firepower 4100 Series NGFW, and Cisco Firepower 9300 Security Appliance, enabling an authenticated local attacker to execute arbitrary commands on the affected systems. This flaw allows for potential unauthorized access to sensitive data and can lead to further exploitation of the targeted infrastructure. Administrators are urged to apply the fixed software versions to mitigate any risks associated with this vulnerability.
Affected Version(s)
Cisco UCS Manager, Cisco Firepower 4100 Series NGFW, and Cisco Firepower 9300 Security Appliance Cisco UCS Manager, Cisco Firepower 4100 Series NGFW, and Cisco Firepower 9300 Security Appliance