CVE-2017-6598

Name of the Vulnerable Software and Affected Versions Cisco Firepower Extensible Operating System versions prior to 92.2(1.105) Cisco Unified Computing System Central versions prior to 2.1(1.69) Cisco Firepower 4100 Series Next-Generation Firewall (NGFW) versions 2.0(1.68) through 3.1(1k)A

Description The issue is related to insufficient access control in the debug plug-in functionality of the affected systems, which could allow an authenticated, local attacker to execute arbitrary commands. This is a privilege escalation issue.

Recommendations For Cisco Firepower Extensible Operating System versions prior to 92.2(1.105), update to version 92.2(1.105) or later. For Cisco Unified Computing System Central versions prior to 2.1(1.69), update to version 2.1(1.69) or later. For Cisco Firepower 4100 Series Next-Generation Firewall (NGFW) versions 2.0(1.68) through 3.1(1k)A, update to a fixed release.