CyberSec.Space Logo
Back to CVE Browser

CVE-2016-1391

HIGH
8.8
CVSS Severity Score
EPSS Score0.0280%
EPSS Percentile18.37th
PublishedJun 4, 2016
Last ModifiedMay 6, 2026

Vulnerability Description

Cisco Prime Network Analysis Module (NAM) before 6.1(1) patch.6.1-2-final and 6.2.x before 6.2(2) and Prime Virtual Network Analysis Module (vNAM) before 6.1(1) patch.6.1-2-final and 6.2.x before 6.2(2) allow remote authenticated users to execute arbitrary OS commands via a crafted HTTP request, aka Bug ID CSCuy21889.

Affected Platforms (CPE)

πŸ“¦
Cisco

Prime Network Analysis Module Software

= 5.0.0
πŸ“¦
Cisco

Prime Network Analysis Module Software

= 5.0.1
πŸ“¦
Cisco

Prime Network Analysis Module Software

= 5.0.2
πŸ“¦
Cisco

Prime Network Analysis Module Software

= 5.1.0
πŸ“¦
Cisco

Prime Network Analysis Module Software

= 5.1.2
πŸ“¦
Cisco

Prime Network Analysis Module Software

= 6.0.2
πŸ“¦
Cisco

Prime Network Analysis Module Software

= 6.1.0
πŸ“¦
Cisco

Prime Network Analysis Module Software

= 6.1.1
πŸ“¦
Cisco

Prime Network Analysis Module Software

= 6.2.0
πŸ“¦
Cisco

Prime Virtual Network Analysis Module Software

= 6.0.0
πŸ“¦
Cisco

Prime Virtual Network Analysis Module Software

= 6.1.0
πŸ“¦
Cisco

Prime Virtual Network Analysis Module Software

= 6.2.0
πŸ“¦
Cisco

Prime Virtual Network Analysis Module Software

= 6.2.1

References & Advisories

πŸ”— http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160601-prime2
πŸ”— http://www.securitytracker.com/id/1036014
πŸ”— http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160601-prime2
πŸ”— http://www.securitytracker.com/id/1036014

Related Vulnerabilities

CVE-2016-045210.0

Unspecified vulnerability in the Oracle GoldenGate component in Oracle GoldenGate 11.2 and 12.1.2 allows remote attackers to affec...

CVE-2016-048310.0

Unspecified vulnerability in Oracle Java SE 6u105, 7u91, and 8u66; Java SE Embedded 8u65; and JRockit R28.3.8 allows remote attack...

CVE-2016-045110.0

Unspecified vulnerability in the Oracle GoldenGate component in Oracle GoldenGate 11.2 and 12.1.2 allows remote attackers to affec...

CVE-2016-049410.0

Unspecified vulnerability in the Java SE and Java SE Embedded components in Oracle Java SE 6u105, 7u91, and 8u66 and Java SE Embed...