Knud

**Name of the Vulnerable Software and Affected Versions** Cisco Unified Communications Manager versions 6 through 8 **Description** The issue allows remote authenticated administrators to execute arbitrary commands via shell metacharacters in a request to the administrative interface. This is related to the `/usr/local/cm/bin/pktCap protectData` endpoint. **Recommendations** For versions 6 through 8, consider restricting access to the administrative interface to minimize the risk of exploitation. As a temporary workaround, limit the use of shell metacharacters in requests to the administrative interface until a fix is available. At the moment, there is no information about a newer version that contains a fix for this issue.