Vulnerability Details CVE-2016-1391
Cisco Prime Network Analysis Module (NAM) before 6.1(1) patch.6.1-2-final and 6.2.x before 6.2(2) and Prime Virtual Network Analysis Module (vNAM) before 6.1(1) patch.6.1-2-final and 6.2.x before 6.2(2) allow remote authenticated users to execute arbitrary OS commands via a crafted HTTP request, aka Bug ID CSCuy21889.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.006
EPSS Ranking 68.7%
CVSS Severity
CVSS v3 Score 8.8
CVSS v2 Score 6.5
References
Products affected by CVE-2016-1391
-
cpe:2.3:a:cisco:prime_network_analysis_module_software:5.0.0
-
cpe:2.3:a:cisco:prime_network_analysis_module_software:5.0.1
-
cpe:2.3:a:cisco:prime_network_analysis_module_software:5.0.2
-
cpe:2.3:a:cisco:prime_network_analysis_module_software:5.1.0
-
cpe:2.3:a:cisco:prime_network_analysis_module_software:5.1.2
-
cpe:2.3:a:cisco:prime_network_analysis_module_software:6.0.2
-
cpe:2.3:a:cisco:prime_network_analysis_module_software:6.1.0
-
cpe:2.3:a:cisco:prime_network_analysis_module_software:6.1.1
-
cpe:2.3:a:cisco:prime_network_analysis_module_software:6.2.0
-
cpe:2.3:a:cisco:prime_virtual_network_analysis_module_software:6.0.0
-
cpe:2.3:a:cisco:prime_virtual_network_analysis_module_software:6.1.0
-
cpe:2.3:a:cisco:prime_virtual_network_analysis_module_software:6.2.0
-
cpe:2.3:a:cisco:prime_virtual_network_analysis_module_software:6.2.1