Vulnerabilities > Cisco > Prime Infrastructure

DATE CVE VULNERABILITY TITLE RISK
2021-05-22 CVE-2021-1487 Unspecified vulnerability in Cisco products
A vulnerability in the web-based management interface of Cisco Prime Infrastructure and Evolved Programmable Network (EPN) Manager could allow an authenticated, remote attacker to execute arbitrary commands on an affected system.
network
low complexity
cisco
8.8
2020-06-03 CVE-2020-3339 SQL Injection vulnerability in Cisco Prime Infrastructure
A vulnerability in the web-based management interface of Cisco Prime Infrastructure could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system.
network
low complexity
cisco CWE-89
5.4
2019-11-26 CVE-2019-15958 Improper Input Validation vulnerability in Cisco Prime Infrastructure
A vulnerability in the REST API of Cisco Prime Infrastructure (PI) and Cisco Evolved Programmable Network Manager (EPNM) could allow an unauthenticated remote attacker to execute arbitrary code with root privileges on the underlying operating system.
network
low complexity
cisco CWE-20
critical
9.8
2019-10-02 CVE-2019-12713 Cross-site Scripting vulnerability in Cisco Prime Infrastructure 3.5
A vulnerability in the web-based management interface of Cisco Prime Infrastructure could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of the affected software.
network
low complexity
cisco CWE-79
6.1
2019-10-02 CVE-2019-12712 Cross-site Scripting vulnerability in Cisco Prime Infrastructure 3.7
A vulnerability in the web-based management interface of Cisco Prime Infrastructure could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of the affected software.
network
low complexity
cisco CWE-79
6.1
2019-06-20 CVE-2019-1906 Improper Input Validation vulnerability in Cisco Prime Infrastructure 3.6
A vulnerability in the Virtual Domain system of Cisco Prime Infrastructure (PI) could allow an authenticated, remote attacker to change the virtual domain configuration, which could lead to privilege escalation.
network
low complexity
cisco CWE-20
6.5
2019-05-16 CVE-2019-1825 SQL Injection vulnerability in Cisco products
A vulnerability in the web-based management interface of Cisco Prime Infrastructure (PI) and Cisco Evolved Programmable Network (EPN) Manager could allow an authenticated, remote attacker to execute arbitrary SQL queries.
network
low complexity
cisco CWE-89
8.1
2019-05-16 CVE-2019-1824 SQL Injection vulnerability in Cisco products
A vulnerability in the web-based management interface of Cisco Prime Infrastructure (PI) and Cisco Evolved Programmable Network (EPN) Manager could allow an authenticated, remote attacker to execute arbitrary SQL queries.
network
low complexity
cisco CWE-89
8.1
2019-05-16 CVE-2019-1823 Improper Input Validation vulnerability in Cisco products
A vulnerability in the web-based management interface of Cisco Prime Infrastructure (PI) and Cisco Evolved Programmable Network (EPN) Manager could allow an authenticated, remote attacker to execute code with root-level privileges on the underlying operating system.
network
low complexity
cisco CWE-20
7.2
2019-05-16 CVE-2019-1822 Improper Input Validation vulnerability in Cisco products
A vulnerability in the web-based management interface of Cisco Prime Infrastructure (PI) and Cisco Evolved Programmable Network (EPN) Manager could allow an authenticated, remote attacker to execute code with root-level privileges on the underlying operating system.
network
low complexity
cisco CWE-20
7.2