Multiple Cisco products are prone to a local command-injection vulnerability.
A local attacker can exploit this issue to execute arbitrary commands.
This issue being tracked by Cisco Bug ID's CSCvb61384 and CSCvb86764.
All versions of the following products are affected:
Cisco Unified Computing System Manager
Cisco Firepower 4100 Series Next-Generation Firewall
Cisco Firepower 9300 Security Appliance
Information
Cisco Unified Computing System 3.1(1k)A
Cisco Firepower 9300 Security Appliance 0
Cisco Firepower 9000 Series 2.0(1.68)
Cisco Firepower 4100 Series Next-Generation Firewall 0
References: