CVE-2016-1442
Description
The administrative web interface in Cisco Prime Infrastructure (PI) before 3.1.1 allows remote authenticated users to execute arbitrary commands via crafted field values, aka Bug ID CSCuy96280.
Risk Information
Base Score
8.8
MODERATE
Vector
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
0.696
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Cisco Prime Infrastructure Administrative Web Interface HTML Injection Vulnerability For Cisco Prime Infrastructure | NCM |
| Improper Input Validation Vulnerability (CVE-2016-1442) | NCM |
Patch Details
Click to see the patches provided by ManageEngine for this CVE
| Patch ID | Patch Description |
|---|---|
| PATCH-1705595 | Security Update for Cisco Prime Infrastructure 2.2(2) |
References
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234