SynopsisThe remote device is missing a vendor-supplied security patch.
DescriptionAccording to its self-reported version, the IOS XE is affected by command injection vulnerability. A vulnerability in the web UI of Cisco IOS XE Software could allow an authenticated, remote attacker to inject and execute arbitrary commands with administrative privileges on the underlying operating system of an affected device.
Please see the included Cisco BIDs and the Cisco Security Advisory for more information.
SolutionUpgrade to the relevant fixed version referenced in Cisco bug ID CSCvq32594.