Vulnerability Description
Cisco Prime Network Analysis Module (NAM) before 6.1(1) patch.6.1-2-final and 6.2.x before 6.2(1) and Prime Virtual Network Analysis Module (vNAM) before 6.1(1) patch.6.1-2-final and 6.2.x before 6.2(1) allow remote attackers to execute arbitrary OS commands via a crafted HTTP request, aka Bug ID CSCuy21882.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cisco | Network Analysis Module | All versions |
| Cisco | Prime Network Analysis Module Software | 5.0.0 |
| Cisco | Prime Virtual Network Analysis Module Software | 6.0.0 |
Related Weaknesses (CWE)
References
- http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20Vendor Advisory
- http://www.securitytracker.com/id/1036013
- http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20Vendor Advisory
- http://www.securitytracker.com/id/1036013
FAQ
What is CVE-2016-1388?
CVE-2016-1388 is a vulnerability with a CVSS score of 9.8 (CRITICAL). Cisco Prime Network Analysis Module (NAM) before 6.1(1) patch.6.1-2-final and 6.2.x before 6.2(1) and Prime Virtual Network Analysis Module (vNAM) before 6.1(1) patch.6.1-2-final and 6.2.x before 6.2(...
How severe is CVE-2016-1388?
CVE-2016-1388 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2016-1388?
Check the references section above for vendor advisories and patch information. Affected products include: Cisco Network Analysis Module, Cisco Prime Network Analysis Module Software, Cisco Prime Virtual Network Analysis Module Software.