Vulnerabilities > Cisco > Prime Infrastructure > 3.1.5.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-04-05 | CVE-2023-20127 | Unspecified vulnerability in Cisco Prime Infrastructure Multiple vulnerabilities in the web-based management interface of Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager (EPNM) could allow a remote attacker to obtain privileged information and conduct cross-site scripting (XSS) and cross-site request forgery (CSRF) attacks. | 6.5 |
| 2023-04-05 | CVE-2023-20129 | Path Traversal vulnerability in Cisco Prime Infrastructure Multiple vulnerabilities in the web-based management interface of Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager (EPNM) could allow a remote attacker to obtain privileged information and conduct cross-site scripting (XSS) and cross-site request forgery (CSRF) attacks. | 6.5 |
| 2023-04-05 | CVE-2023-20130 | Cross-Site Request Forgery (CSRF) vulnerability in Cisco Prime Infrastructure Multiple vulnerabilities in the web-based management interface of Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager (EPNM) could allow a remote attacker to obtain privileged information and conduct cross-site scripting (XSS) and cross-site request forgery (CSRF) attacks. | 6.5 |
| 2023-04-05 | CVE-2023-20131 | Cross-site Scripting vulnerability in Cisco Prime Infrastructure Multiple vulnerabilities in the web-based management interface of Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager (EPNM) could allow a remote attacker to obtain privileged information and conduct cross-site scripting (XSS) and cross-site request forgery (CSRF) attacks. | 5.4 |
| 2023-03-03 | CVE-2023-20069 | Cross-site Scripting vulnerability in Cisco Prime Infrastructure A vulnerability in the web-based management interface of Cisco Prime Infrastructure and Cisco Evolved Programmable Network (EPN) Manager could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface on an affected device. | 5.4 |
| 2022-02-17 | CVE-2022-20659 | Cross-site Scripting vulnerability in Cisco Prime Infrastructure A vulnerability in the web-based management interface of Cisco Prime Infrastructure and Cisco Evolved Programmable Network (EPN) Manager could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface of an affected device. | 6.1 |
| 2021-11-04 | CVE-2021-34784 | Cross-site Scripting vulnerability in Cisco Prime Infrastructure A vulnerability in the web-based management interface of Cisco Prime Infrastructure (PI) and Cisco Evolved Programmable Network Manager (EPNM) could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. | 5.4 |
| 2021-09-02 | CVE-2021-34733 | Insufficiently Protected Credentials vulnerability in Cisco products A vulnerability in the CLI of Cisco Prime Infrastructure and Cisco Evolved Programmable Network (EPN) Manager could allow an authenticated, local attacker to access sensitive information stored on the underlying file system of an affected system. | 5.5 |
| 2021-05-22 | CVE-2021-1306 | Externally Controlled Reference to a Resource in Another Sphere vulnerability in Cisco Identity Services Engine A vulnerability in the restricted shell of Cisco Evolved Programmable Network (EPN) Manager, Cisco Identity Services Engine (ISE), and Cisco Prime Infrastructure could allow an authenticated, local attacker to identify directories and write arbitrary files to the file system. | 3.4 |
| 2021-05-22 | CVE-2021-1487 | OS Command Injection vulnerability in Cisco products A vulnerability in the web-based management interface of Cisco Prime Infrastructure and Evolved Programmable Network (EPN) Manager could allow an authenticated, remote attacker to execute arbitrary commands on an affected system. | 8.8 |