CVE-2016-1391

Name of the Vulnerable Software and Affected Versions Cisco Prime Network Analysis Module (NAM) versions prior to 6.1(1) patch.6.1-2-final Cisco Prime Network Analysis Module (NAM) versions 6.2.x prior to 6.2(2) Prime Virtual Network Analysis Module (vNAM) versions prior to 6.1(1) patch.6.1-2-final Prime Virtual Network Analysis Module (vNAM) versions 6.2.x prior to 6.2(2)

Description The issue allows remote authenticated users to execute arbitrary OS commands via a crafted HTTP request.

Recommendations For Cisco Prime Network Analysis Module (NAM) versions prior to 6.1(1) patch.6.1-2-final, update to version 6.1(1) patch.6.1-2-final or later. For Cisco Prime Network Analysis Module (NAM) versions 6.2.x prior to 6.2(2), update to version 6.2(2) or later. For Prime Virtual Network Analysis Module (vNAM) versions prior to 6.1(1) patch.6.1-2-final, update to version 6.1(1) patch.6.1-2-final or later. For Prime Virtual Network Analysis Module (vNAM) versions 6.2.x prior to 6.2(2), update to version 6.2(2) or later.