Sammy Tieng

**Name of the Vulnerable Software and Affected Versions** Cisco Secure Network Analytics Manager and Cisco Secure Network Analytics Virtual Manager (affected versions not specified) **Description** A vulnerability in the web-based management interface could allow an authenticated, remote attacker with valid administrative credentials to execute arbitrary commands as root on the underlying operating system. This issue is due to insufficient input validation in specific fields of the web-based management interface. An attacker could exploit this by sending crafted input to an affected device, potentially allowing the execution of arbitrary commands on the underlying operating system with root privileges. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.