Vulnerabilities > Cisco > Prime Infrastructure

DATE CVE VULNERABILITY TITLE RISK
2023-04-05 CVE-2023-20127 Unspecified vulnerability in Cisco Prime Infrastructure
Multiple vulnerabilities in the web-based management interface of Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager (EPNM) could allow a remote attacker to obtain privileged information and conduct cross-site scripting (XSS) and cross-site request forgery (CSRF) attacks.
network
low complexity
cisco
6.5
2023-04-05 CVE-2023-20129 Path Traversal vulnerability in Cisco Prime Infrastructure
Multiple vulnerabilities in the web-based management interface of Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager (EPNM) could allow a remote attacker to obtain privileged information and conduct cross-site scripting (XSS) and cross-site request forgery (CSRF) attacks.
network
low complexity
cisco CWE-22
6.5
2023-04-05 CVE-2023-20130 Cross-Site Request Forgery (CSRF) vulnerability in Cisco Prime Infrastructure
Multiple vulnerabilities in the web-based management interface of Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager (EPNM) could allow a remote attacker to obtain privileged information and conduct cross-site scripting (XSS) and cross-site request forgery (CSRF) attacks.
network
low complexity
cisco CWE-352
6.5
2023-04-05 CVE-2023-20131 Cross-site Scripting vulnerability in Cisco Prime Infrastructure
Multiple vulnerabilities in the web-based management interface of Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager (EPNM) could allow a remote attacker to obtain privileged information and conduct cross-site scripting (XSS) and cross-site request forgery (CSRF) attacks.
network
low complexity
cisco CWE-79
5.4
2023-04-05 CVE-2023-20068 Cross-site Scripting vulnerability in Cisco Prime Infrastructure
A vulnerability in the web-based management interface of Cisco Prime Infrastructure Software could allow an unauthenticated, remote attacker to conduct a reflected cross-site scripting (XSS) attack against a user of the interface on an affected device.
network
low complexity
cisco CWE-79
6.1
2023-03-03 CVE-2023-20069 Cross-site Scripting vulnerability in Cisco Prime Infrastructure
A vulnerability in the web-based management interface of Cisco Prime Infrastructure and Cisco Evolved Programmable Network (EPN) Manager could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface on an affected device.
network
low complexity
cisco CWE-79
5.4
2022-02-17 CVE-2022-20659 Cross-site Scripting vulnerability in Cisco Prime Infrastructure
A vulnerability in the web-based management interface of Cisco Prime Infrastructure and Cisco Evolved Programmable Network (EPN) Manager could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface of an affected device.
network
low complexity
cisco CWE-79
6.1
2021-11-04 CVE-2021-34784 Cross-site Scripting vulnerability in Cisco Prime Infrastructure
A vulnerability in the web-based management interface of Cisco Prime Infrastructure (PI) and Cisco Evolved Programmable Network Manager (EPNM) could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device.
network
low complexity
cisco CWE-79
5.4
2021-09-02 CVE-2021-34733 Insufficiently Protected Credentials vulnerability in Cisco products
A vulnerability in the CLI of Cisco Prime Infrastructure and Cisco Evolved Programmable Network (EPN) Manager could allow an authenticated, local attacker to access sensitive information stored on the underlying file system of an affected system.
local
low complexity
cisco CWE-522
5.5
2021-05-22 CVE-2021-1306 Externally Controlled Reference to a Resource in Another Sphere vulnerability in Cisco Identity Services Engine
A vulnerability in the restricted shell of Cisco Evolved Programmable Network (EPN) Manager, Cisco Identity Services Engine (ISE), and Cisco Prime Infrastructure could allow an authenticated, local attacker to identify directories and write arbitrary files to the file system.
local
low complexity
cisco CWE-610
3.4