Vulnerability Details CVE-2016-1388
Cisco Prime Network Analysis Module (NAM) before 6.1(1) patch.6.1-2-final and 6.2.x before 6.2(1) and Prime Virtual Network Analysis Module (vNAM) before 6.1(1) patch.6.1-2-final and 6.2.x before 6.2(1) allow remote attackers to execute arbitrary OS commands via a crafted HTTP request, aka Bug ID CSCuy21882.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 59.2%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 7.5
References
Products affected by CVE-2016-1388
-
cpe:2.3:a:cisco:prime_network_analysis_module_software:5.0.0
-
cpe:2.3:a:cisco:prime_network_analysis_module_software:5.0.1
-
cpe:2.3:a:cisco:prime_network_analysis_module_software:5.0.2
-
cpe:2.3:a:cisco:prime_network_analysis_module_software:5.1.0
-
cpe:2.3:a:cisco:prime_network_analysis_module_software:5.1.2
-
cpe:2.3:a:cisco:prime_network_analysis_module_software:6.0.2
-
cpe:2.3:a:cisco:prime_network_analysis_module_software:6.1.0
-
cpe:2.3:a:cisco:prime_network_analysis_module_software:6.1.1
-
cpe:2.3:a:cisco:prime_network_analysis_module_software:6.2.0
-
cpe:2.3:a:cisco:prime_virtual_network_analysis_module_software:6.0.0
-
cpe:2.3:a:cisco:prime_virtual_network_analysis_module_software:6.1.0
-
cpe:2.3:a:cisco:prime_virtual_network_analysis_module_software:6.2.0
-
cpe:2.3:h:cisco:network_analysis_module:-