Arbitrary Shell Command Injection Vulnerability in Cisco Firepower Appliances

Arbitrary Shell Command Injection Vulnerability in Cisco Firepower Appliances

CVE-2017-3806 · MEDIUM Severity

AV:L/AC:L/AU:N/C:P/I:P/A:P

A vulnerability in CLI command processing in the Cisco Firepower 4100 Series Next-Generation Firewall and Cisco Firepower 9300 Security Appliance could allow an authenticated, local attacker to inject arbitrary shell commands that are executed by the device. More Information: CSCvb61343. Known Affected Releases: 2.0(1.68). Known Fixed Releases: 2.0(1.118) 2.1(1.47) 92.1(1.1646) 92.1(1.1763) 92.2(1.101).

Learn more about our Cis Benchmark Audit For Cisco.