Vulnerabilities > Cisco > Evolved Programmable Network Manager > 7.0.1
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-01-17 | CVE-2023-20257 | Cross-site Scripting vulnerability in Cisco Prime Infrastructure A vulnerability in the web-based management interface of Cisco Prime Infrastructure could allow an authenticated, remote attacker to conduct cross-site scripting attacks. | 4.8 |
2024-01-17 | CVE-2023-20258 | Unspecified vulnerability in Cisco Prime Infrastructure A vulnerability in the web-based management interface of Cisco Prime Infrastructure could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system. | 7.2 |
2024-01-17 | CVE-2023-20260 | Argument Injection or Modification vulnerability in Cisco Prime Infrastructure A vulnerability in the application CLI of Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager could allow an authenticated, local attacker to gain escalated privileges. | 6.7 |
2024-01-17 | CVE-2023-20271 | SQL Injection vulnerability in Cisco Prime Infrastructure A vulnerability in the web-based management interface of Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager (EPNM) could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system. | 6.5 |
2023-08-16 | CVE-2023-20201 | Cross-site Scripting vulnerability in Cisco Prime Infrastructure Multiple vulnerabilities in the web-based management interface of Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager (EPNM) could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface on an affected device. These vulnerabilities are due to insufficient validation of user-supplied input. | 5.4 |
2023-08-16 | CVE-2023-20203 | Cross-site Scripting vulnerability in Cisco Prime Infrastructure Multiple vulnerabilities in the web-based management interface of Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager (EPNM) could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface on an affected device. These vulnerabilities are due to insufficient validation of user-supplied input. | 5.4 |
2023-08-16 | CVE-2023-20205 | Cross-site Scripting vulnerability in Cisco Prime Infrastructure Multiple vulnerabilities in the web-based management interface of Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager (EPNM) could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface on an affected device. These vulnerabilities are due to insufficient validation of user-supplied input. | 5.4 |