Vulnerabilities > Cisco > Prime Infrastructure > Low
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-05-22 | CVE-2021-1306 | Externally Controlled Reference to a Resource in Another Sphere vulnerability in Cisco Identity Services Engine A vulnerability in the restricted shell of Cisco Evolved Programmable Network (EPN) Manager, Cisco Identity Services Engine (ISE), and Cisco Prime Infrastructure could allow an authenticated, local attacker to identify directories and write arbitrary files to the file system. | 3.4 |
2019-01-10 | CVE-2018-0482 | Cross-site Scripting vulnerability in Cisco Prime Infrastructure 3.5(0.0) A vulnerability in the web-based management interface of Cisco Prime Network Control System could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the web interface of the affected system. | 3.5 |
2015-08-22 | CVE-2015-4331 | Permissions, Privileges, and Access Controls vulnerability in Cisco Prime Infrastructure Cisco Prime Infrastructure (PI) 1.4(0.45) and earlier, when AAA authentication is used, allows remote authenticated users to bypass intended access restrictions via a username with a modified composition of lowercase and uppercase characters, aka Bug ID CSum59958. | 3.5 |