3 matches found
EUVD-2016-2492
Malware in sbrugna...
Code injection
Cisco Cloud Network Automation Provisioner CNAP 1.00 in Cisco Configuration Assistant CCA allows remote attackers to bypass intended filesystem and administrative-endpoint restrictions via GET API calls, aka Bug ID CSCuy77145...
CVE-2016-1393
SQL injection vulnerability in Cisco Cloud Network Automation Provisioner CNAP 1.0 and 1.1 allows remote authenticated users to execute arbitrary SQL commands via a crafted URL, aka Bug ID CSCuy72175...