Cisco Firepower 4100 Series NGFW and Firepower 9300 Security Appliance Command Shell Injection Vulnerability

A vulnerability in CLI command processing in the Cisco Firepower 4100 Series Next-Generation Firewall and Cisco Firepower 9300 Security Appliance could allow an authenticated, local attacker to inject arbitrary shell commands that are executed by the device.

The vulnerability is due to insufficient input validation of user-controlled input parameters entered at the CLI. An attacker could exploit this vulnerability by authenticating to the device and submitting crafted input parameters to certain commands. A successful exploit could allow an authenticated attacker to execute arbitrary shell commands on the device.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
http://ift.tt/2kVDhEa A vulnerability in CLI command processing in the Cisco Firepower 4100 Series Next-Generation Firewall and Cisco Firepower 9300 Security Appliance could allow an authenticated, local attacker to inject arbitrary shell commands that are executed by the device.

The vulnerability is due to insufficient input validation of user-controlled input parameters entered at the CLI. An attacker could exploit this vulnerability by authenticating to the device and submitting crafted input parameters to certain commands. A successful exploit could allow an authenticated attacker to execute arbitrary shell commands on the device.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
http://ift.tt/2kVDhEa
Security Impact Rating: Medium
CVE: CVE-2017-3806

from Cisco Security Advisory http://ift.tt/2kVDhEa