CyberSec.Space Logo
返回 CVE 浏览器

CVE-2016-1388

CRITICAL
9.8
CVSS Severity Score
EPSS Score0.0550%
EPSS Percentile30.57th
Published2016年6月3日
Last Modified2026年5月6日

Vulnerability Description

Cisco Prime Network Analysis Module (NAM) before 6.1(1) patch.6.1-2-final and 6.2.x before 6.2(1) and Prime Virtual Network Analysis Module (vNAM) before 6.1(1) patch.6.1-2-final and 6.2.x before 6.2(1) allow remote attackers to execute arbitrary OS commands via a crafted HTTP request, aka Bug ID CSCuy21882.

Affected Platforms (CPE)

🔌
Cisco

Network Analysis Module

All versions
📦
Cisco

Prime Network Analysis Module Software

= 5.0.0
📦
Cisco

Prime Network Analysis Module Software

= 5.0.1
📦
Cisco

Prime Network Analysis Module Software

= 5.0.2
📦
Cisco

Prime Network Analysis Module Software

= 5.1.0
📦
Cisco

Prime Network Analysis Module Software

= 5.1.2
📦
Cisco

Prime Network Analysis Module Software

= 6.0.2
📦
Cisco

Prime Network Analysis Module Software

= 6.1.0
📦
Cisco

Prime Network Analysis Module Software

= 6.1.1
📦
Cisco

Prime Network Analysis Module Software

= 6.2.0
📦
Cisco

Prime Virtual Network Analysis Module Software

= 6.0.0
📦
Cisco

Prime Virtual Network Analysis Module Software

= 6.1.0
📦
Cisco

Prime Virtual Network Analysis Module Software

= 6.2.0

References & Advisories

🔗 http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160601-prime
🔗 http://www.securitytracker.com/id/1036013
🔗 http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160601-prime
🔗 http://www.securitytracker.com/id/1036013

相关漏洞威胁

CVE-2007-125710.0

The Network Analysis Module (NAM) in Cisco Catalyst Series 6000, 6500, and 7600 allows remote attackers to execute arbitrary comma...

CVE-2016-13918.8

Cisco Prime Network Analysis Module (NAM) before 6.1(1) patch.6.1-2-final and 6.2.x before 6.2(2) and Prime Virtual Network Analys...

CVE-2016-13907.8

Cisco Prime Network Analysis Module (NAM) before 6.1(1) patch.6.1-2-final and 6.2.x before 6.2(1) and Prime Virtual Network Analys...

CVE-2004-01937.5

Heap-based buffer overflow in the ISS Protocol Analysis Module (PAM), as used in certain versions of RealSecure Network 7.0 and Se...