Arbitrary OS Command Execution Vulnerability in Cisco Prime Network Analysis Module (NAM) and Prime Virtual Network Analysis Module (vNAM)

Arbitrary OS Command Execution Vulnerability in Cisco Prime Network Analysis Module (NAM) and Prime Virtual Network Analysis Module (vNAM)

CVE-2016-1391 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Cisco Prime Network Analysis Module (NAM) before 6.1(1) patch.6.1-2-final and 6.2.x before 6.2(2) and Prime Virtual Network Analysis Module (vNAM) before 6.1(1) patch.6.1-2-final and 6.2.x before 6.2(2) allow remote authenticated users to execute arbitrary OS commands via a crafted HTTP request, aka Bug ID CSCuy21889.

Learn more about our Network Penetration Testing.