Vulnerabilities > Cisco > Prime Network Analysis Module Software

DATE CVE VULNERABILITY TITLE RISK
2016-06-04 CVE-2016-1391 Improper Input Validation vulnerability in Cisco products
Cisco Prime Network Analysis Module (NAM) before 6.1(1) patch.6.1-2-final and 6.2.x before 6.2(2) and Prime Virtual Network Analysis Module (vNAM) before 6.1(1) patch.6.1-2-final and 6.2.x before 6.2(2) allow remote authenticated users to execute arbitrary OS commands via a crafted HTTP request, aka Bug ID CSCuy21889.
network
low complexity
cisco CWE-20
8.8
8.8
2016-06-04 CVE-2016-1390 Improper Input Validation vulnerability in Cisco products
Cisco Prime Network Analysis Module (NAM) before 6.1(1) patch.6.1-2-final and 6.2.x before 6.2(1) and Prime Virtual Network Analysis Module (vNAM) before 6.1(1) patch.6.1-2-final and 6.2.x before 6.2(1) allow local users to obtain root access via crafted CLI input, aka Bug ID CSCuy21892.
local
low complexity
cisco CWE-20
7.8
7.8
2016-06-03 CVE-2016-1388 Command Injection vulnerability in Cisco products
Cisco Prime Network Analysis Module (NAM) before 6.1(1) patch.6.1-2-final and 6.2.x before 6.2(1) and Prime Virtual Network Analysis Module (vNAM) before 6.1(1) patch.6.1-2-final and 6.2.x before 6.2(1) allow remote attackers to execute arbitrary OS commands via a crafted HTTP request, aka Bug ID CSCuy21882.
network
low complexity
cisco CWE-77
critical
 9.8
9.8