Cloud Network Automation Provisioner

CVEs (2)

CVE	Sev	Risk	CVSS	EPSS	KEV	Published	Description
CVE-2016-1441	Hig	0.53	8.2	0.00		Jul 3, 2016	Cisco Cloud Network Automation Provisioner (CNAP) 1.0(0) in Cisco Configuration Assistant (CCA) allows remote attackers to bypass intended filesystem and administrative-endpoint restrictions via GET API calls, aka Bug ID CSCuy77145.
CVE-2016-1393	Hig	0.46	7.1	0.00		May 12, 2016	SQL injection vulnerability in Cisco Cloud Network Automation Provisioner (CNAP) 1.0 and 1.1 allows remote authenticated users to execute arbitrary SQL commands via a crafted URL, aka Bug ID CSCuy72175.

CVE-2016-1441HigJul 3, 2016
risk 0.53cvss 8.2epss 0.00
Cisco Cloud Network Automation Provisioner (CNAP) 1.0(0) in Cisco Configuration Assistant (CCA) allows remote attackers to bypass intended filesystem and administrative-endpoint restrictions via GET API calls, aka Bug ID CSCuy77145.
CVE-2016-1393HigMay 12, 2016
risk 0.46cvss 7.1epss 0.00
SQL injection vulnerability in Cisco Cloud Network Automation Provisioner (CNAP) 1.0 and 1.1 allows remote authenticated users to execute arbitrary SQL commands via a crafted URL, aka Bug ID CSCuy72175.