Short Name |
HTTP:CISCO:IOS-XE-CI |
---|---|
Severity |
Critical |
Recommended |
Yes |
Recommended Action |
Drop |
Category |
HTTP |
Keywords |
Cisco IOS XE WebUI Privileged Command Injection |
Release Date |
2019/11/28 |
Update Number |
3228 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
This signature detects attempts to exploit a known vulnerability against WebUI component of Cisco IOS XE. A successful attack can lead to command injection and arbitrary code execution.
Multiple vulnerabilities in the web-based user interface (Web UI) of Cisco IOS XE Software could allow an authenticated, remote attacker to execute commands with elevated privileges on the affected device. For more information about these vulnerabilities, see the Details section of this advisory.