漏洞名称:Cisco Prime Infrastructure/EPNM远程代码执行漏洞
发表日期:2016-04-08 17:05:53
漏洞名称:Cisco Prime Infrastructure/EPNM远程代码执行漏洞(CVE-2016-1291)
CVE ID:CVE-2016-1291
受影响系统:
Cisco Prime Infrastructure 1.2.0 - 2.2(2)
Cisco Evolved Programmable Network Manager (EPNM) 1.2
详细信息:
CVE ID:CVE-2016-1291
受影响系统:
Cisco Prime Infrastructure 1.2.0 - 2.2(2)
Cisco Evolved Programmable Network Manager (EPNM) 1.2
详细信息:
Cisco Prime Infrastructure是通过思科技术LMS和NCS进行无线管理的解决方案。
Cisco Prime Infrastructure 1.2.0 - 2.2(2)、Cisco Evolved Programmable Network Manager (EPNM) 1.2版本未有效过滤HTTP用户输入,未经身份验证的远程攻击者用构造的HTTP POST反序列化数据,可执行任意代码。
漏洞来源:
Cisco
解决方案:
厂商补丁:
Cisco
-----
Cisco已经为此发布了一个安全公告(cisco-sa-20160406-remcode)以及相应补丁:
-----
Cisco已经为此发布了一个安全公告(cisco-sa-20160406-remcode)以及相应补丁:
cisco-sa-20160406-remcode:Cisco Prime Infrastructure and Evolved Programmable Network Manager Remote Code Execution Vulnerability
链接:https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160406-remcode