Vulnerabilities > Cisco > Prime Virtual Network Analysis Module Software

DATE CVE VULNERABILITY TITLE RISK
2016-06-04 CVE-2016-1391 Improper Input Validation vulnerability in Cisco products
Cisco Prime Network Analysis Module (NAM) before 6.1(1) patch.6.1-2-final and 6.2.x before 6.2(2) and Prime Virtual Network Analysis Module (vNAM) before 6.1(1) patch.6.1-2-final and 6.2.x before 6.2(2) allow remote authenticated users to execute arbitrary OS commands via a crafted HTTP request, aka Bug ID CSCuy21889.
network
low complexity
cisco CWE-20
6.5
6.5
2016-06-04 CVE-2016-1390 Improper Input Validation vulnerability in Cisco products
Cisco Prime Network Analysis Module (NAM) before 6.1(1) patch.6.1-2-final and 6.2.x before 6.2(1) and Prime Virtual Network Analysis Module (vNAM) before 6.1(1) patch.6.1-2-final and 6.2.x before 6.2(1) allow local users to obtain root access via crafted CLI input, aka Bug ID CSCuy21892.
local
low complexity
cisco CWE-20
7.2
7.2
2016-06-03 CVE-2016-1388 Command Injection vulnerability in Cisco products
Cisco Prime Network Analysis Module (NAM) before 6.1(1) patch.6.1-2-final and 6.2.x before 6.2(1) and Prime Virtual Network Analysis Module (vNAM) before 6.1(1) patch.6.1-2-final and 6.2.x before 6.2(1) allow remote attackers to execute arbitrary OS commands via a crafted HTTP request, aka Bug ID CSCuy21882.
network
low complexity
cisco CWE-77
7.5
7.5