A Shell Command Injection vulnerability has been discovered in IBM Security Network Protection.
CVE-ID:CVE-2014-6183
**Description:**IBM Security Network Protection could allow a remote attacker to execute arbitrary commands on the system. An authenticated attacker could exploit this vulnerability to inject and execute arbitrary shell commands on the system.
CVSS:
CVSS Base Score: 9.0
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/98519 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:S/C:C/I:C/A:C)
**Products:IBM Security Network Protection****(XGS)**models 3100, 4100, 5100, 7100
Firmware versions: 5.1, 5.1.1, 5.1.2, 5.1.2.1, 5.2, 5.3
IBM has provided patches for all affected versions. Follow the installation instructions in the README files included with the patch.
None
**