CyberSec.Space Logo
CVEブラウザに戻る

CVE-2016-1391

HIGH
8.8
CVSS Severity Score
EPSS Score0.0280%
EPSS Percentile18.37th
Published2016年6月4日
Last Modified2026年5月6日

Vulnerability Description

Cisco Prime Network Analysis Module (NAM) before 6.1(1) patch.6.1-2-final and 6.2.x before 6.2(2) and Prime Virtual Network Analysis Module (vNAM) before 6.1(1) patch.6.1-2-final and 6.2.x before 6.2(2) allow remote authenticated users to execute arbitrary OS commands via a crafted HTTP request, aka Bug ID CSCuy21889.

Affected Platforms (CPE)

📦
Cisco

Prime Network Analysis Module Software

= 5.0.0
📦
Cisco

Prime Network Analysis Module Software

= 5.0.1
📦
Cisco

Prime Network Analysis Module Software

= 5.0.2
📦
Cisco

Prime Network Analysis Module Software

= 5.1.0
📦
Cisco

Prime Network Analysis Module Software

= 5.1.2
📦
Cisco

Prime Network Analysis Module Software

= 6.0.2
📦
Cisco

Prime Network Analysis Module Software

= 6.1.0
📦
Cisco

Prime Network Analysis Module Software

= 6.1.1
📦
Cisco

Prime Network Analysis Module Software

= 6.2.0
📦
Cisco

Prime Virtual Network Analysis Module Software

= 6.0.0
📦
Cisco

Prime Virtual Network Analysis Module Software

= 6.1.0
📦
Cisco

Prime Virtual Network Analysis Module Software

= 6.2.0
📦
Cisco

Prime Virtual Network Analysis Module Software

= 6.2.1

References & Advisories

🔗 http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160601-prime2
🔗 http://www.securitytracker.com/id/1036014
🔗 http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160601-prime2
🔗 http://www.securitytracker.com/id/1036014

関連する脆弱性情報

CVE-2016-045210.0

Unspecified vulnerability in the Oracle GoldenGate component in Oracle GoldenGate 11.2 and 12.1.2 allows remote attackers to affec...

CVE-2016-048310.0

Unspecified vulnerability in Oracle Java SE 6u105, 7u91, and 8u66; Java SE Embedded 8u65; and JRockit R28.3.8 allows remote attack...

CVE-2016-045110.0

Unspecified vulnerability in the Oracle GoldenGate component in Oracle GoldenGate 11.2 and 12.1.2 allows remote attackers to affec...

CVE-2016-049410.0

Unspecified vulnerability in the Java SE and Java SE Embedded components in Oracle Java SE 6u105, 7u91, and 8u66 and Java SE Embed...