CVE-2022-20656 Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager Path Traversal Vulnerability

🗓️ 15 Nov 2024 15:36:09Reported by ciscoType

Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager Path Traversal Vulnerability, allows authenticated remote attacker to conduct directory traversal attac

Reporter	Title	Published	Views	Family All 12
BDU FSTEC	The vulnerability in the web interface of the software system for monitoring and managing Cisco Prime Infrastructure network equipment, as well as the Cisco Evolved Programmable Network Manager software for managing network services, allows a perpetrator to write arbitrary files.	1 Feb 202200:00	–	bdu_fstec
Circl	CVE-2022-20656	15 Nov 202415:38	–	circl
Cisco	Cisco Prime Infrastructure and Evolved Programmable Network Manager Vulnerabilities	12 Jan 202216:00	–	cisco
CNNVD	Cisco Evolved Programmable Network Manager和Cisco Prime Infrastructure 安全漏洞	12 Jan 202200:00	–	cnnvd
CVE	CVE-2022-20656	15 Nov 202415:36	–	cve
EUVD	EUVD-2022-25906	3 Oct 202520:07	–	euvd
NCSC	Vulnerabilities fixed in Cisco products	13 Jan 202200:00	–	ncsc
NVD	CVE-2022-20656	15 Nov 202416:15	–	nvd
OSV	CVE-2022-20656	15 Nov 202416:15	–	osv
Positive Technologies	PT-2022-1438 · Cisco · Cisco Prime Infrastructure +1	12 Jan 202200:00	–	ptsecurity

[
  {
    "vendor": "Cisco",
    "product": "Cisco Evolved Programmable Network Manager (EPNM)",
    "versions": [
      {
        "version": "3.0.1",
        "status": "affected"
      },
      {
        "version": "3.1.2",
        "status": "affected"
      },
      {
        "version": "1.2",
        "status": "affected"
      },
      {
        "version": "3.1.1",
        "status": "affected"
      },
      {
        "version": "3.1.3",
        "status": "affected"
      },
      {
        "version": "3.1",
        "status": "affected"
      },
      {
        "version": "3.0.3",
        "status": "affected"
      },
      {
        "version": "3.0.2",
        "status": "affected"
      },
      {
        "version": "3.0",
        "status": "affected"
      },
      {
        "version": "2.2",
        "status": "affected"
      },
      {
        "version": "1.1",
        "status": "affected"
      },
      {
        "version": "2.1",
        "status": "affected"
      },
      {
        "version": "2.0",
        "status": "affected"
      },
      {
        "version": "4.1",
        "status": "affected"
      },
      {
        "version": "4.1.1",
        "status": "affected"
      },
      {
        "version": "4.0.3",
        "status": "affected"
      },
      {
        "version": "4.0.1",
        "status": "affected"
      },
      {
        "version": "4.0.2",
        "status": "affected"
      },
      {
        "version": "4.0",
        "status": "affected"
      },
      {
        "version": "5.0",
        "status": "affected"
      },
      {
        "version": "5.0.1",
        "status": "affected"
      },
      {
        "version": "5.1.1",
        "status": "affected"
      },
      {
        "version": "5.1",
        "status": "affected"
      },
      {
        "version": "5.0.2",
        "status": "affected"
      },
      {
        "version": "5.1.2",
        "status": "affected"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Cisco",
    "product": "Cisco Prime Infrastructure",
    "versions": [
      {
        "version": "3.0.0",
        "status": "affected"
      },
      {
        "version": "3.1.0",
        "status": "affected"
      },
      {
        "version": "3.1.5",
        "status": "affected"
      },
      {
        "version": "2.1",
        "status": "affected"
      },
      {
        "version": "2.0.0",
        "status": "affected"
      },
      {
        "version": "3.6.0",
        "status": "affected"
      },
      {
        "version": "3.7.0",
        "status": "affected"
      },
      {
        "version": "3.4.0",
        "status": "affected"
      },
      {
        "version": "3.3.0",
        "status": "affected"
      },
      {
        "version": "3.2",
        "status": "affected"
      },
      {
        "version": "3.5.0",
        "status": "affected"
      },
      {
        "version": "3.2.0-FIPS",
        "status": "affected"
      },
      {
        "version": "2.2",
        "status": "affected"
      },
      {
        "version": "3.8.0-FED",
        "status": "affected"
      },
      {
        "version": "3.9.0",
        "status": "affected"
      },
      {
        "version": "3.8.0",
        "status": "affected"
      }
    ],
    "defaultStatus": "unknown"
  }
]

Source	Link
sec	www.sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-pi-epnm-path-trav-zws324yn
sec	www.sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sna-xss-NXOxDhRQ

15 Nov 2024 15:36Current

CVSS 3.16.5

EPSS0.00176