CVE-2017-6602

Name of the Vulnerable Software and Affected Versions Cisco Firepower Extensible Operating System versions prior to 2.1(1.38) Cisco Unified Computing System Central versions prior to 2.1(1.38) Cisco Firepower 4100 Series Next-Generation Firewall (NGFW) versions prior to 2.1(1.38) Cisco Firepower 9300 Security Appliance versions prior to 2.1(1.38)

Description The issue is related to a lack of input validation in the CLI component of the affected systems, which could allow a local attacker to inject arbitrary commands. This could enable the attacker to perform unauthorized actions.

Recommendations For Cisco Firepower Extensible Operating System version 2.0(1.68), update to version 2.0(1.107) or later. For Cisco Unified Computing System Central version 3.1(1k)A, update to version 2.1(1.38) or later. For Cisco Firepower 4100 Series Next-Generation Firewall (NGFW) version 2.0(1.68), update to version 2.0(1.107) or later. For Cisco Firepower 9300 Security Appliance version 2.0(1.68), update to version 2.0(1.107) or later. As a temporary workaround, consider restricting access to the CLI until a patch is available.