67 matches found
CVE-2017-12285
A vulnerability in the web interface of Cisco Network Analysis Module Software could allow an unauthenticated, remote attacker to delete arbitrary files from an affected system, aka Directory Traversal. The vulnerability exists because the affected software does not perform proper input validatio...
Directory traversal
A vulnerability in the web interface of Cisco Network Analysis Module Software could allow an unauthenticated, remote attacker to delete arbitrary files from an affected system, aka Directory Traversal. The vulnerability exists because the affected software does not perform proper input validatio...
CVE-2017-12285
A vulnerability in the web interface of Cisco Network Analysis Module Software could allow an unauthenticated, remote attacker to delete arbitrary files from an affected system, aka Directory Traversal. The vulnerability exists because the affected software does not perform proper input validatio...
CVE-2017-12285
A vulnerability in the web interface of Cisco Network Analysis Module Software could allow an unauthenticated, remote attacker to delete arbitrary files from an affected system, aka Directory Traversal. The vulnerability exists because the affected software does not perform proper input validatio...
CVE-2017-12285
CVE-2017-12285 affects Cisco Network Analysis Module (NAM) web interface. The issue is a directory traversal vulnerability caused by improper input validation and lack of RBAC on HTTP URLs, allowing an unauthenticated, remote attacker to delete arbitrary files via a crafted request. Multiple advi...
Cisco Network Analysis Module Parameter Directory Traversal Arbitrary File Deletion Vulnerability
A vulnerability in the web interface of Cisco Network Analysis Module Software could allow an unauthenticated, remote attacker to delete arbitrary files from an affected system. The vulnerability exists because the affected software does not perform proper input validation of HTTP requests that i...
Cisco Prime Network Analysis Module and Cisco Prime Virtual Network Analysis Module Local Command Injection Vulnerability
Cisco Prime Network Analysis Module and Cisco Prime Virtual Network Analysis Module are network analysis software used by network administrators to manage and configure the network's usage, operational status, and so on. A local command injection vulnerability exists in the CLI of Cisco Prime...
CVE-2016-1391
Cisco Prime Network Analysis Module NAM before 6.11 patch.6.1-2-final and 6.2.x before 6.22 and Prime Virtual Network Analysis Module vNAM before 6.11 patch.6.1-2-final and 6.2.x before 6.22 allow remote authenticated users to execute arbitrary OS commands via a crafted HTTP request, aka Bug ID...
CVE-2016-1391
Cisco Prime Network Analysis Module NAM before 6.11 patch.6.1-2-final and 6.2.x before 6.22 and Prime Virtual Network Analysis Module vNAM before 6.11 patch.6.1-2-final and 6.2.x before 6.22 allow remote authenticated users to execute arbitrary OS commands via a crafted HTTP request, aka Bug ID...
CVE-2016-1390
Cisco Prime Network Analysis Module NAM before 6.11 patch.6.1-2-final and 6.2.x before 6.21 and Prime Virtual Network Analysis Module vNAM before 6.11 patch.6.1-2-final and 6.2.x before 6.21 allow local users to obtain root access via crafted CLI input, aka Bug ID CSCuy21892...
Design/Logic Flaw
Cisco Prime Network Analysis Module NAM before 6.11 patch.6.1-2-final and 6.2.x before 6.21 and Prime Virtual Network Analysis Module vNAM before 6.11 patch.6.1-2-final and 6.2.x before 6.21 allow local users to obtain root access via crafted CLI input, aka Bug ID CSCuy21892...
CVE-2016-1390
Cisco Prime Network Analysis Module (NAM) and Cisco Prime Virtual Network Analysis Module (vNAM) are affected by CVE-2016-1390. The issue arises from insufficient sanitization of CLI input, allowing a local, authenticated attacker to obtain root privileges by crafting input that is processed by t...
CVE-2016-1391
Cisco Prime Network Analysis Module NAM before 6.11 patch.6.1-2-final and 6.2.x before 6.22 and Prime Virtual Network Analysis Module vNAM before 6.11 patch.6.1-2-final and 6.2.x before 6.22 allow remote authenticated users to execute arbitrary OS commands via a crafted HTTP request, aka Bug ID...
CVE-2016-1388
Cisco Prime Network Analysis Module NAM before 6.11 patch.6.1-2-final and 6.2.x before 6.21 and Prime Virtual Network Analysis Module vNAM before 6.11 patch.6.1-2-final and 6.2.x before 6.21 allow remote attackers to execute arbitrary OS commands via a crafted HTTP request, aka Bug ID CSCuy21882...
CVE-2016-1388
Cisco Prime Network Analysis Module NAM before 6.11 patch.6.1-2-final and 6.2.x before 6.21 and Prime Virtual Network Analysis Module vNAM before 6.11 patch.6.1-2-final and 6.2.x before 6.21 allow remote attackers to execute arbitrary OS commands via a crafted HTTP request, aka Bug ID CSCuy21882...
Input validation
Cisco Prime Network Analysis Module NAM before 6.11 patch.6.1-2-final and 6.2.x before 6.21 and Prime Virtual Network Analysis Module vNAM before 6.11 patch.6.1-2-final and 6.2.x before 6.21 allow remote attackers to execute arbitrary OS commands via a crafted HTTP request, aka Bug ID CSCuy21882...
CVE-2016-1388
CVE-2016-1388 affects Cisco Prime Network Analysis Module (NAM) and Prime Virtual Network Analysis Module (vNAM). Affected versions allow remote attackers to execute arbitrary OS commands via a crafted HTTP request due to improper input handling. Exploitation status is not detailed in the provide...
Cisco Prime Network Analysis Module Remote Code Execution Vulnerability (CNVD-2016-03804)
The Cisco Prime Network Analysis Module is a network analysis module that is part of the overall Cisco Prime solution. A remote code execution vulnerability exists in the web interface of Cisco NAM/vNAM. An unauthenticated, remote attacker could exploit this vulnerability to execute arbitrary...
Cisco Prime Network Analysis Module Authenticated Remote Code Execution Vulnerability
A vulnerability in the web interface of Cisco Prime Network Analysis Module NAM and Cisco Prime Virtual Network Analysis Module vNAM could allow an authenticated, remote attacker to execute arbitrary commands or code on the host operating system with the privileges of the web server. The...
Cisco Prime Network Analysis Module Local Command Injection Vulnerability
A vulnerability in the command-line interface CLI of Cisco Prime Network Analysis Module NAM and Cisco Prime Virtual Network Analysis Module vNAM could allow a local, authenticated attacker to execute arbitrary commands on the host operating system with elevated privileges. The vulnerability is d...