Lucene search

K
ciscoCiscoCISCO-SA-PI-EPNM-ERPWAXLE
HistoryApr 05, 2023 - 4:00 p.m.

Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager Vulnerabilities

2023-04-0516:00:00
tools.cisco.com
14
cisco
prime infrastructure
evolved programmable network manager
vulnerabilities
web-based management
remote attacker
privileged information
cross-site scripting
cross-site request forgery
software updates
security advisory

0.001 Low

EPSS

Percentile

41.6%

Multiple vulnerabilities in the web-based management interface of Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager (EPNM) could allow a remote attacker to obtain privileged information and conduct cross-site scripting (XSS) and cross-site request forgery (CSRF) attacks.

For more information about these vulnerabilities, see the Details [β€œ#details”] section of this advisory.

Cisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities.

This advisory is available at the following link:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-pi-epnm-infodis-eRPWAXLe [β€œhttps://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-pi-epnm-infodis-eRPWAXLe”]

Affected configurations

Vulners
Node
ciscoprime_infrastructureMatchany
OR
ciscoevolved_programmable_network_managerMatchany
OR
ciscoprime_infrastructureMatchany
OR
ciscoevolved_programmable_network_managerMatchany

0.001 Low

EPSS

Percentile

41.6%

Related for CISCO-SA-PI-EPNM-ERPWAXLE