CVE-2017-6223

Name of the Vulnerable Software and Affected Versions Ruckus Wireless Zone Director Controller firmware releases ZD9.9.x through ZD9.10.x Ruckus Wireless Zone Director Controller firmware releases ZD9.13.0.x less than 9.13.0.0.232

Description The issue concerns OS Command Injection vulnerabilities in the ping functionality. This could allow local authenticated users to execute arbitrary privileged commands on the underlying operating system.

Recommendations For ZD9.9.x through ZD9.10.x, update to a version outside of this range to resolve the issue. For ZD9.13.0.x, update to version 9.13.0.0.232 or later to resolve the issue. As a temporary workaround, consider restricting access to the ping functionality until a patch is available.