CVE-2016-1388

Name of the Vulnerable Software and Affected Versions Cisco Prime Network Analysis Module (NAM) versions prior to 6.1(1) patch.6.1-2-final Cisco Prime Network Analysis Module (NAM) versions 6.2.x prior to 6.2(1) Prime Virtual Network Analysis Module (vNAM) versions prior to 6.1(1) patch.6.1-2-final Prime Virtual Network Analysis Module (vNAM) versions 6.2.x prior to 6.2(1)

Description The issue allows remote attackers to execute arbitrary OS commands via a crafted HTTP request.

Recommendations For Cisco Prime Network Analysis Module (NAM) versions prior to 6.1(1) patch.6.1-2-final, update to 6.1(1) patch.6.1-2-final or later. For Cisco Prime Network Analysis Module (NAM) versions 6.2.x prior to 6.2(1), update to 6.2(1) or later. For Prime Virtual Network Analysis Module (vNAM) versions prior to 6.1(1) patch.6.1-2-final, update to 6.1(1) patch.6.1-2-final or later. For Prime Virtual Network Analysis Module (vNAM) versions 6.2.x prior to 6.2(1), update to 6.2(1) or later.