
Cisco has disclosed a medium-severity server-side template injection vulnerability in Cisco Crosswork Network Controller that could let an authenticated remote attacker with template write permissions execute arbitrary commands in limited areas of the underlying operating system.









