Short Name |
APP:CISCO:CISCO-EPNM-DESERIAL-1 |
---|---|
Severity |
Major |
Recommended |
Yes |
Recommended Action |
Drop |
Category |
APP |
Keywords |
Cisco Prime Infrastructure and EPNM Deserialization Code Execution-1 |
Release Date |
2016/07/26 |
Update Number |
2762 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
This signature detects attempts to exploit a known vulnerability against Cisco Prime Infrastructure and Evolved programmable Network Manager (EPNM). A successful attack can lead to arbitrary code execution.
Cisco Prime Infrastructure 1.2.0 through 2.2(2) and Cisco Evolved Programmable Network Manager (EPNM) 1.2 allow remote attackers to execute arbitrary code via crafted deserialized data in an HTTP POST request, aka Bug ID CSCuw03192.