CVE-2018-0217

Name of the Vulnerable Software and Affected Versions: Cisco StarOS (affected versions not specified)

Description: A command injection attack could be performed by an authenticated, local attacker on an affected system due to insufficient validation of commands supplied to certain configurations in the CLI. The attacker could inject crafted arguments into a vulnerable CLI command, potentially allowing the insertion and execution of arbitrary commands. To exploit this, the attacker must authenticate using valid administrator credentials.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.