{"api_version":"1","generated_at":"2026-06-03T15:28:39+00:00","cve":"CVE-2016-1291","urls":{"html":"https://cve.report/CVE-2016-1291","api":"https://cve.report/api/cve/CVE-2016-1291.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2016-1291","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2016-1291"},"summary":{"title":"CVE-2016-1291","description":"Cisco Prime Infrastructure 1.2.0 through 2.2(2) and Cisco Evolved Programmable Network Manager (EPNM) 1.2 allow remote attackers to execute arbitrary code via crafted deserialized data in an HTTP POST request, aka Bug ID CSCuw03192.","state":"PUBLISHED","assigner":"cisco","published_at":"2016-04-06 23:59:11","updated_at":"2026-05-06 22:30:45"},"problem_types":["CWE-20","n/a"],"metrics":[{"version":"3.0","source":"nvd@nist.gov","type":"Primary","score":"9.8","severity":"CRITICAL","vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","data":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"}},{"version":"2.0","source":"nvd@nist.gov","type":"Primary","score":"9.3","severity":"","vector":"AV:N/AC:M/Au:N/C:C/I:C/A:C","data":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:C/I:C/A:C","baseScore":9.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"}}],"references":[{"url":"http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160406-remcode","name":"http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160406-remcode","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"],"title":"Cisco Prime Infrastructure and Evolved Programmable Network Manager Remote Code Execution Vulnerability","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.securitytracker.com/id/1035497","name":"http://www.securitytracker.com/id/1035497","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Cisco Prime Infrastructure Deserialization Flaw Lets Remote Users Execute Arbitrary Code on the Target System - SecurityTracker","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://blogs.securiteam.com/index.php/archives/2727","name":"https://blogs.securiteam.com/index.php/archives/2727","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"],"title":"401 Authorization Required","mime":"text/html","httpstatus":"401","archivestatus":"404"},{"url":"https://www.cve.org/CVERecord?id=CVE-2016-1291","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-1291","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"n/a","product":"n/a","version":"affected n/a","platforms":[]}],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2016","cve_id":"1291","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"cisco","cpe5":"evolved_programmable_network_manager","cpe6":"1.2.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2016","cve_id":"1291","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"cisco","cpe5":"prime_infrastructure","cpe6":"1.2","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2016","cve_id":"1291","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"cisco","cpe5":"prime_infrastructure","cpe6":"1.2.0.103","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2016","cve_id":"1291","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"cisco","cpe5":"prime_infrastructure","cpe6":"1.2.1","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2016","cve_id":"1291","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"cisco","cpe5":"prime_infrastructure","cpe6":"1.3","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2016","cve_id":"1291","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"cisco","cpe5":"prime_infrastructure","cpe6":"1.3.0.20","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2016","cve_id":"1291","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"cisco","cpe5":"prime_infrastructure","cpe6":"1.4","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2016","cve_id":"1291","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"cisco","cpe5":"prime_infrastructure","cpe6":"1.4.0.45","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2016","cve_id":"1291","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"cisco","cpe5":"prime_infrastructure","cpe6":"1.4.1","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2016","cve_id":"1291","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"cisco","cpe5":"prime_infrastructure","cpe6":"1.4.2","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2016","cve_id":"1291","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"cisco","cpe5":"prime_infrastructure","cpe6":"2.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2016","cve_id":"1291","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"cisco","cpe5":"prime_infrastructure","cpe6":"2.1.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2016","cve_id":"1291","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"cisco","cpe5":"prime_infrastructure","cpe6":"2.2","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2016","cve_id":"1291","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"sun","cpe5":"opensolaris","cpe6":"snv_124","cpe7":"*","cpe8":"sparc","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[{"cve":"CVE-2016-1291","qid":"730721","title":"Cisco Evolved Programmable Network Manager Improper Input Validation Vulnerbility"}]},"source_records":{"cve_program":{"containers":{"adp":[{"providerMetadata":{"dateUpdated":"2024-08-05T22:48:13.653Z","orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE"},"references":[{"name":"1035497","tags":["vdb-entry","x_refsource_SECTRACK","x_transferred"],"url":"http://www.securitytracker.com/id/1035497"},{"tags":["x_refsource_MISC","x_transferred"],"url":"https://blogs.securiteam.com/index.php/archives/2727"},{"name":"20160406 Cisco Prime Infrastructure and Evolved Programmable Network Manager Remote Code Execution Vulnerability","tags":["vendor-advisory","x_refsource_CISCO","x_transferred"],"url":"http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160406-remcode"}],"title":"CVE Program Container"}],"cna":{"affected":[{"product":"n/a","vendor":"n/a","versions":[{"status":"affected","version":"n/a"}]}],"datePublic":"2016-04-06T00:00:00.000Z","descriptions":[{"lang":"en","value":"Cisco Prime Infrastructure 1.2.0 through 2.2(2) and Cisco Evolved Programmable Network Manager (EPNM) 1.2 allow remote attackers to execute arbitrary code via crafted deserialized data in an HTTP POST request, aka Bug ID CSCuw03192."}],"problemTypes":[{"descriptions":[{"description":"n/a","lang":"en","type":"text"}]}],"providerMetadata":{"dateUpdated":"2016-11-30T18:57:01.000Z","orgId":"d1c1063e-7a18-46af-9102-31f8928bc633","shortName":"cisco"},"references":[{"name":"1035497","tags":["vdb-entry","x_refsource_SECTRACK"],"url":"http://www.securitytracker.com/id/1035497"},{"tags":["x_refsource_MISC"],"url":"https://blogs.securiteam.com/index.php/archives/2727"},{"name":"20160406 Cisco Prime Infrastructure and Evolved Programmable Network Manager Remote Code Execution Vulnerability","tags":["vendor-advisory","x_refsource_CISCO"],"url":"http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160406-remcode"}],"x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"psirt@cisco.com","ID":"CVE-2016-1291","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"Cisco Prime Infrastructure 1.2.0 through 2.2(2) and Cisco Evolved Programmable Network Manager (EPNM) 1.2 allow remote attackers to execute arbitrary code via crafted deserialized data in an HTTP POST request, aka Bug ID CSCuw03192."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"name":"1035497","refsource":"SECTRACK","url":"http://www.securitytracker.com/id/1035497"},{"name":"https://blogs.securiteam.com/index.php/archives/2727","refsource":"MISC","url":"https://blogs.securiteam.com/index.php/archives/2727"},{"name":"20160406 Cisco Prime Infrastructure and Evolved Programmable Network Manager Remote Code Execution Vulnerability","refsource":"CISCO","url":"http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160406-remcode"}]}}}},"cveMetadata":{"assignerOrgId":"d1c1063e-7a18-46af-9102-31f8928bc633","assignerShortName":"cisco","cveId":"CVE-2016-1291","datePublished":"2016-04-06T23:00:00.000Z","dateReserved":"2016-01-04T00:00:00.000Z","dateUpdated":"2024-08-05T22:48:13.653Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"},"nvd":{"publishedDate":"2016-04-06 23:59:11","lastModifiedDate":"2026-05-06 22:30:45","problem_types":["CWE-20","n/a"],"metrics":{"cvssMetricV30":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:C/I:C/A:C","baseScore":9.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":8.6,"impactScore":10,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:evolved_programmable_network_manager:1.2.0:*:*:*:*:*:*:*","matchCriteriaId":"3C057764-0A1B-41A9-A21B-F665480145AD"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:prime_infrastructure:1.2:*:*:*:*:*:*:*","matchCriteriaId":"BA72A91C-0E65-420A-9DBE-3E0853EDB7C5"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:prime_infrastructure:1.2.0.103:*:*:*:*:*:*:*","matchCriteriaId":"B257E2F8-30EB-4BCC-8ACF-35DF73107AAC"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:prime_infrastructure:1.2.1:*:*:*:*:*:*:*","matchCriteriaId":"8B48C1E6-7C18-4C6B-B402-9C0E1A931C2C"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:prime_infrastructure:1.3:*:*:*:*:*:*:*","matchCriteriaId":"B64A7FCA-1DEA-45B2-9C69-CCDCC848D9B3"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:prime_infrastructure:1.3.0.20:*:*:*:*:*:*:*","matchCriteriaId":"E78D776C-AA8C-471D-A0C0-02428FA07A29"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:prime_infrastructure:1.4:*:*:*:*:*:*:*","matchCriteriaId":"9D3206E7-DC91-4861-AD32-46DA82509D5B"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:prime_infrastructure:1.4.0.45:*:*:*:*:*:*:*","matchCriteriaId":"1704AC8E-BD7E-4882-8BB3-45B9E2AE0F10"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:prime_infrastructure:1.4.1:*:*:*:*:*:*:*","matchCriteriaId":"9ACB00E7-41E3-4221-8400-A279A75FD355"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:prime_infrastructure:1.4.2:*:*:*:*:*:*:*","matchCriteriaId":"853315C7-01A7-4E83-9CBB-D45F6B5C4664"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:prime_infrastructure:2.0:*:*:*:*:*:*:*","matchCriteriaId":"EB157A80-3A03-4B8D-9B20-C456A953CF7E"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:prime_infrastructure:2.1.0:*:*:*:*:*:*:*","matchCriteriaId":"7678B118-E00C-4B1E-8B40-D3233DE3615C"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:prime_infrastructure:2.2:*:*:*:*:*:*:*","matchCriteriaId":"56394A07-6D74-4588-8C05-DE04959F7FC7"},{"vulnerable":true,"criteria":"cpe:2.3:o:sun:opensolaris:snv_124:*:sparc:*:*:*:*:*","matchCriteriaId":"09B35C0E-6CBA-4B6B-BCD2-F5CC0BF8CF53"}]}]}]},"legacy_mitre":{"record":{"CveYear":"2016","CveId":"1291","Ordinal":"1","Title":"CVE-2016-1291","CVE":"CVE-2016-1291","Year":"2016"},"notes":[{"CveYear":"2016","CveId":"1291","Ordinal":"1","NoteData":"Cisco Prime Infrastructure 1.2.0 through 2.2(2) and Cisco Evolved Programmable Network Manager (EPNM) 1.2 allow remote attackers to execute arbitrary code via crafted deserialized data in an HTTP POST request, aka Bug ID CSCuw03192.","Type":"Description","Title":"CVE-2016-1291"},{"CveYear":"2016","CveId":"1291","Ordinal":"2","NoteData":"2016-04-06","Type":"Other","Title":"Published"},{"CveYear":"2016","CveId":"1291","Ordinal":"3","NoteData":"2016-11-30","Type":"Other","Title":"Modified"}]}}}