Number: AV16-089
Date: 02 June 2016
Purpose
The purpose of this advisory is to bring attention to multiple Cisco security advisories.
Assessment
Cisco released multiple security updates to address multiple vulnerabilities:
- Cisco Prime Network Analysis Module Unauthenticated Remote Code Execution Vulnerability
- Cisco Prime Network Analysis Module IPv6 Denial of Service Vulnerability
- Cisco Prime Network Analysis Module Authenticated Remote Code Execution Vulnerability
- Cisco Prime Network Analysis Module Local Command Injection Vulnerability
CVE References: CVE-2016-1370, CVE-2016-1388, CVE-2016-1390, CVE-2016-1391
Suggested Action
CCIRC recommends that system administrators test and deploy the vendor-released updates to affected applications accordingly.
References:
- http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160601-prime
- http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160601-prime1
- http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160601-prime2
- http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160601-prime3