Vulnerabilities > Cisco > Prime Infrastructure > 2.0.4.0.45b
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-05-16 | CVE-2019-1822 | Improper Input Validation vulnerability in Cisco products A vulnerability in the web-based management interface of Cisco Prime Infrastructure (PI) and Cisco Evolved Programmable Network (EPN) Manager could allow an authenticated, remote attacker to execute code with root-level privileges on the underlying operating system. | 7.2 |
| 2019-05-16 | CVE-2019-1820 | Path Traversal vulnerability in Cisco Prime Infrastructure A vulnerability in the web-based management interface of Cisco Prime Infrastructure and Cisco Evolved Programmable Network (EPN) Manager software could allow an authenticated, remote attacker to download and view files within the application that should be restricted. | 6.5 |
| 2019-05-16 | CVE-2019-1819 | Path Traversal vulnerability in Cisco Prime Infrastructure A vulnerability in the web-based management interface of Cisco Prime Infrastructure and Cisco Evolved Programmable Network (EPN) Manager software could allow an authenticated, remote attacker to download and view files within the application that should be restricted. | 6.5 |
| 2019-05-16 | CVE-2019-1818 | Path Traversal vulnerability in Cisco Prime Infrastructure A vulnerability in the web-based management interface of Cisco Prime Infrastructure and Cisco Evolved Programmable Network (EPN) Manager software could allow an authenticated, remote attacker to download and view files within the application that should be restricted. | 6.5 |
| 2017-07-04 | CVE-2017-6700 | Cross-site Scripting vulnerability in Cisco Prime Infrastructure 2.0(4.0.45B)/3.1(1) A vulnerability in the web-based management interface of Cisco Prime Infrastructure (PI) and Evolved Programmable Network Manager (EPNM) could allow an unauthenticated, remote attacker to conduct a Document Object Model (DOM) based (environment or client-side) cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. | 4.3 |
| 2017-07-04 | CVE-2017-6698 | SQL Injection vulnerability in Cisco Prime Infrastructure 2.0(4.0.45B)/3.1(1) A vulnerability in the Cisco Prime Infrastructure (PI) and Evolved Programmable Network Manager (EPNM) SQL database interface could allow an authenticated, remote attacker to impact the confidentiality and integrity of the application by executing arbitrary SQL queries, aka SQL Injection. | 5.5 |