The administrative web interface in Cisco Prime Infrastructure (PI) before 3.1.1 allows remote authenticated users to execute arbitrary commands via crafted field values, aka Bug ID CSCuy96280.Referenceshttp://www.securitytracker.com/id/1036238http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160706-pi
