CyberSec.Space Logo
Back to CVE Browser

CVE-2016-1388

CRITICAL
9.8
CVSS Severity Score
EPSS Score0.0550%
EPSS Percentile30.57th
PublishedJun 3, 2016
Last ModifiedMay 6, 2026

Vulnerability Description

Cisco Prime Network Analysis Module (NAM) before 6.1(1) patch.6.1-2-final and 6.2.x before 6.2(1) and Prime Virtual Network Analysis Module (vNAM) before 6.1(1) patch.6.1-2-final and 6.2.x before 6.2(1) allow remote attackers to execute arbitrary OS commands via a crafted HTTP request, aka Bug ID CSCuy21882.

Affected Platforms (CPE)

πŸ”Œ
Cisco

Network Analysis Module

All versions
πŸ“¦
Cisco

Prime Network Analysis Module Software

= 5.0.0
πŸ“¦
Cisco

Prime Network Analysis Module Software

= 5.0.1
πŸ“¦
Cisco

Prime Network Analysis Module Software

= 5.0.2
πŸ“¦
Cisco

Prime Network Analysis Module Software

= 5.1.0
πŸ“¦
Cisco

Prime Network Analysis Module Software

= 5.1.2
πŸ“¦
Cisco

Prime Network Analysis Module Software

= 6.0.2
πŸ“¦
Cisco

Prime Network Analysis Module Software

= 6.1.0
πŸ“¦
Cisco

Prime Network Analysis Module Software

= 6.1.1
πŸ“¦
Cisco

Prime Network Analysis Module Software

= 6.2.0
πŸ“¦
Cisco

Prime Virtual Network Analysis Module Software

= 6.0.0
πŸ“¦
Cisco

Prime Virtual Network Analysis Module Software

= 6.1.0
πŸ“¦
Cisco

Prime Virtual Network Analysis Module Software

= 6.2.0

References & Advisories

πŸ”— http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160601-prime
πŸ”— http://www.securitytracker.com/id/1036013
πŸ”— http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160601-prime
πŸ”— http://www.securitytracker.com/id/1036013

Related Vulnerabilities

CVE-2007-125710.0

The Network Analysis Module (NAM) in Cisco Catalyst Series 6000, 6500, and 7600 allows remote attackers to execute arbitrary comma...

CVE-2016-13918.8

Cisco Prime Network Analysis Module (NAM) before 6.1(1) patch.6.1-2-final and 6.2.x before 6.2(2) and Prime Virtual Network Analys...

CVE-2016-13907.8

Cisco Prime Network Analysis Module (NAM) before 6.1(1) patch.6.1-2-final and 6.2.x before 6.2(1) and Prime Virtual Network Analys...

CVE-2004-01937.5

Heap-based buffer overflow in the ISS Protocol Analysis Module (PAM), as used in certain versions of RealSecure Network 7.0 and Se...