Vulnerabilities > Cisco > Prime Network Analysis Module Software > High

DATE CVE VULNERABILITY TITLE RISK
2016-06-04 CVE-2016-1391 Improper Input Validation vulnerability in Cisco products
Cisco Prime Network Analysis Module (NAM) before 6.1(1) patch.6.1-2-final and 6.2.x before 6.2(2) and Prime Virtual Network Analysis Module (vNAM) before 6.1(1) patch.6.1-2-final and 6.2.x before 6.2(2) allow remote authenticated users to execute arbitrary OS commands via a crafted HTTP request, aka Bug ID CSCuy21889.
network
low complexity
cisco CWE-20
8.8
2016-06-04 CVE-2016-1390 Improper Input Validation vulnerability in Cisco products
Cisco Prime Network Analysis Module (NAM) before 6.1(1) patch.6.1-2-final and 6.2.x before 6.2(1) and Prime Virtual Network Analysis Module (vNAM) before 6.1(1) patch.6.1-2-final and 6.2.x before 6.2(1) allow local users to obtain root access via crafted CLI input, aka Bug ID CSCuy21892.
local
low complexity
cisco CWE-20
7.8