Intrusion Prevention

Cisco.Prime.Infrastructure.EPNM.Deserialization.Code.Execution

Description

This indicates an attack attempt against a Remote Code Execution vulnerability in Cisco Prime Infrastructure and Evolved programmable Network Manager.
The vulnerability is due to improper validation of user supplied data when handling crafted HTTP Requests. A remote attacker can exploit this to execute arbitrary code with root privileges.

Affected Products

Cisco Systems Evolved Programmable Network Manager prior to 1.2 MP2 Patch 1
Cisco Systems Evolved Programmable Network Manager prior to 1.2 MP4 Patch 2
Cisco Systems Prime Infrastructure prior to 3.0.2

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Apply the most recent upgrade or patch from the vendor.
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160406-remcode

CVE References

CVE-2016-1291