Cisco Prime Network Analysis Module (NAM) before 6.1(1) patch.6.1-2-final and 6.2.x before 6.2(2) and Prime Virtual Network Analysis Module (vNAM) before 6.1(1) patch.6.1-2-final and 6.2.x before 6.2(2) allow remote authenticated users to execute arbitrary OS commands via a crafted HTTP request, aka Bug ID CSCuy21889.
2016-06-04T01:59:03.897
2025-04-12T10:46:40.837
Deferred
CVSSv3.1: 8.8 (HIGH)
AV:N/AC:L/Au:S/C:P/I:P/A:P
8.0
6.4
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | cisco | prime_network_analysis_module_software | 5.0.0 | Yes |
| Application | cisco | prime_network_analysis_module_software | 5.0.1 | Yes |
| Application | cisco | prime_network_analysis_module_software | 5.0.2 | Yes |
| Application | cisco | prime_network_analysis_module_software | 5.1.0 | Yes |
| Application | cisco | prime_network_analysis_module_software | 5.1.2 | Yes |
| Application | cisco | prime_network_analysis_module_software | 6.0.2 | Yes |
| Application | cisco | prime_network_analysis_module_software | 6.1.0 | Yes |
| Application | cisco | prime_network_analysis_module_software | 6.1.1 | Yes |
| Application | cisco | prime_network_analysis_module_software | 6.2.0 | Yes |
| Application | cisco | prime_virtual_network_analysis_module_software | 6.0.0 | Yes |
| Application | cisco | prime_virtual_network_analysis_module_software | 6.1.0 | Yes |
| Application | cisco | prime_virtual_network_analysis_module_software | 6.2.0 | Yes |
| Application | cisco | prime_virtual_network_analysis_module_software | 6.2.1 | Yes |