PT-2017-3408 · Cisco · Cisco Firepower 9300 Security Appliance and 2 other products

Published: 2017-11-01 · Updated: 2019-10-09 · CVE-2017-12243

CVSS v2.0: 7.2 (High)

Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions

Cisco Unified Computing System (UCS) Manager (affected versions not specified)
Cisco Firepower 4100 Series Next-Generation Firewall (NGFW) (affected versions not specified)
Cisco Firepower 9300 Security Appliance (affected versions not specified)

Description

The issue is related to improper validation of string input in the shell application. An authenticated, local attacker could exploit it through the use of malicious commands, potentially obtaining root shell privileges on the device.

Recommendations

For Cisco Unified Computing System (UCS) Manager, consider restricting access to the shell application until a fix is available.
For Cisco Firepower 4100 Series Next-Generation Firewall (NGFW), restrict the use of potentially malicious commands to minimize the risk of exploitation.
For Cisco Firepower 9300 Security Appliance, as a temporary workaround, consider disabling the shell application until a patch is available.

At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Command Injection

OS Command Injection

Weakness Enumeration

Related Identifiers

BDU:2018-00196
CVE-2017-12243

Affected Products

Cisco Firepower 4100 Series Next-Generation Firewall
Cisco Firepower 9300 Security Appliance
Cisco Unified Computing System (UCS) Manager