CVE-2016-1390

Cisco Prime Network Analysis Module (NAM) before 6.1(1) patch.6.1-2-final and 6.2.x before 6.2(1) and Prime Virtual Network Analysis Module (vNAM) before 6.1(1) patch.6.1-2-final and 6.2.x before 6.2(1) allow local users to obtain root access via crafted CLI input, aka Bug ID CSCuy21892.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.8 HIGH
LOCAL
LOW
LOW
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
ciscoCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 55%
VendorProductVersion
ciscoprime_network_analysis_module_software
5.0.0
ciscoprime_network_analysis_module_software
5.0.1
ciscoprime_network_analysis_module_software
5.0.2
ciscoprime_network_analysis_module_software
5.1.0
ciscoprime_network_analysis_module_software
5.1.2
ciscoprime_network_analysis_module_software
6.0.2
ciscoprime_network_analysis_module_software
6.1.0
ciscoprime_network_analysis_module_software
6.1.1
ciscoprime_network_analysis_module_software
6.2.0
ciscoprime_virtual_network_analysis_module_software
6.0.0
ciscoprime_virtual_network_analysis_module_software
6.1.0
ciscoprime_virtual_network_analysis_module_software
6.2.0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160601-prime1
http://www.securitytracker.com/id/1036015
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160601-prime1
http://www.securitytracker.com/id/1036015