A vulnerability in the Cisco Unified Computing System (UCS) Manager, Cisco Firepower 4100 Series Next-Generation Firewall (NGFW), and Cisco Firepower 9300 Security Appliance could allow an authenticated, local attacker to obtain root shell privileges on the device, aka Command Injection. The vulnerability is due to improper validation of string input in the shell application. An attacker could exploit this vulnerability through the use of malicious commands. A successful exploit could allow the attacker to obtain root shell privileges on the device. Cisco Bug IDs: CSCvf20741, CSCvf60078.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: cisco
Published: 2017-11-02T16:00:00
Updated: 2024-08-05T18:28:16.743Z
Reserved: 2017-08-03T00:00:00
Link: CVE-2017-12243
Vulnrichment
No data.
NVD
Status : Modified
Published: 2017-11-02T16:29:00.193
Modified: 2024-11-21T03:09:06.650
Link: CVE-2017-12243
Redhat
No data.