Vulnerabilities > Cisco > Prime Infrastructure > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-06-20 | CVE-2019-1906 | Improper Input Validation vulnerability in Cisco Prime Infrastructure 3.6 A vulnerability in the Virtual Domain system of Cisco Prime Infrastructure (PI) could allow an authenticated, remote attacker to change the virtual domain configuration, which could lead to privilege escalation. | 6.5 |
| 2019-05-16 | CVE-2019-1820 | Path Traversal vulnerability in Cisco Prime Infrastructure A vulnerability in the web-based management interface of Cisco Prime Infrastructure and Cisco Evolved Programmable Network (EPN) Manager software could allow an authenticated, remote attacker to download and view files within the application that should be restricted. | 6.5 |
| 2019-05-16 | CVE-2019-1819 | Path Traversal vulnerability in Cisco Prime Infrastructure A vulnerability in the web-based management interface of Cisco Prime Infrastructure and Cisco Evolved Programmable Network (EPN) Manager software could allow an authenticated, remote attacker to download and view files within the application that should be restricted. | 6.5 |
| 2019-05-16 | CVE-2019-1818 | Path Traversal vulnerability in Cisco Prime Infrastructure A vulnerability in the web-based management interface of Cisco Prime Infrastructure and Cisco Evolved Programmable Network (EPN) Manager software could allow an authenticated, remote attacker to download and view files within the application that should be restricted. | 6.5 |
| 2019-01-23 | CVE-2019-1643 | Cross-site Scripting vulnerability in Cisco Prime Infrastructure 3.2.0 A vulnerability in the web-based management interface of Cisco Prime Infrastructure could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of the affected software. | 6.1 |
| 2019-01-10 | CVE-2018-15457 | Cross-site Scripting vulnerability in Cisco Prime Infrastructure 3.5 A vulnerability in the web-based management interface of Cisco Prime Infrastructure could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected system. | 6.1 |
| 2019-01-10 | CVE-2018-0482 | Cross-site Scripting vulnerability in Cisco Prime Infrastructure 3.5(0.0) A vulnerability in the web-based management interface of Cisco Prime Network Control System could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the web interface of the affected system. | 5.4 |
| 2018-10-05 | CVE-2018-15433 | Information Exposure vulnerability in Cisco Prime Infrastructure 3.2 A vulnerability in the server backup function of Cisco Prime Infrastructure could allow an authenticated, remote attacker to view sensitive information. | 4.3 |
| 2018-10-05 | CVE-2018-15432 | Information Exposure vulnerability in Cisco Prime Infrastructure 3.2 A vulnerability in the server backup function of Cisco Prime Infrastructure could allow an authenticated, remote attacker to view sensitive information. | 4.3 |
| 2018-01-18 | CVE-2018-0097 | Open Redirect vulnerability in Cisco Prime Infrastructure A vulnerability in the web interface of Cisco Prime Infrastructure could allow an unauthenticated, remote attacker to redirect a user to a malicious web page, aka an Open Redirect. | 6.1 |