Cisco Prime Network Analysis Module (NAM) before 6.1(1) patch.6.1-2-final and 6.2.x before 6.2(1) and Prime Virtual Network Analysis Module (vNAM) before 6.1(1) patch.6.1-2-final and 6.2.x before 6.2(1) allow remote attackers to execute arbitrary OS commands via a crafted HTTP request, aka Bug ID CSCuy21882.
2016-06-03T02:01:07.613
2025-04-12T10:46:40.837
Deferred
CVSSv3.0: 9.8 (CRITICAL)
AV:N/AC:L/Au:N/C:P/I:P/A:P
10.0
6.4
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Hardware | cisco | network_analysis_module | * | Yes |
| Application | cisco | prime_network_analysis_module_software | 5.0.0 | Yes |
| Application | cisco | prime_network_analysis_module_software | 5.0.1 | Yes |
| Application | cisco | prime_network_analysis_module_software | 5.0.2 | Yes |
| Application | cisco | prime_network_analysis_module_software | 5.1.0 | Yes |
| Application | cisco | prime_network_analysis_module_software | 5.1.2 | Yes |
| Application | cisco | prime_network_analysis_module_software | 6.0.2 | Yes |
| Application | cisco | prime_network_analysis_module_software | 6.1.0 | Yes |
| Application | cisco | prime_network_analysis_module_software | 6.1.1 | Yes |
| Application | cisco | prime_network_analysis_module_software | 6.2.0 | Yes |
| Application | cisco | prime_virtual_network_analysis_module_software | 6.0.0 | Yes |
| Application | cisco | prime_virtual_network_analysis_module_software | 6.1.0 | Yes |
| Application | cisco | prime_virtual_network_analysis_module_software | 6.2.0 | Yes |