Lucene search
CiscoCVELIST:CVE-2023-20222HistoryAug 16, 2023 - 9:39 p.m.
CVE-2023-20222
2023-08-1621:39:30
cisco
www.cve.org
6
cisco
prime infrastructure
epnm
web-based
management
interface
vulnerability
cross-site scripting
xss
unauthenticated
remote attacker
validation
user-supplied input
exploit
malicious code
arbitrary script code
CVSS3
4.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
EPSS
0.001
Percentile
46.2%
A vulnerability in the web-based management interface of Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager (EPNM) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface on an affected device.
The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of an affected system. An attacker could exploit this vulnerability by injecting malicious code into specific pages of the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information.
CNA Affected
[
{
"vendor": "Cisco",
"product": "Cisco Prime Infrastructure",
"versions": [
{
"version": "2.0.0",
"status": "affected"
},
{
"version": "2.0.10",
"status": "affected"
},
{
"version": "2.0.39",
"status": "affected"
},
{
"version": "2.1.0",
"status": "affected"
},
{
"version": "2.1.1",
"status": "affected"
},
{
"version": "2.1.2",
"status": "affected"
},
{
"version": "2.1.56",
"status": "affected"
},
{
"version": "2.2.0",
"status": "affected"
},
{
"version": "2.2.1",
"status": "affected"
},
{
"version": "2.2.2",
"status": "affected"
},
{
"version": "2.2.3",
"status": "affected"
},
{
"version": "2.2.10",
"status": "affected"
},
{
"version": "2.2.8",
"status": "affected"
},
{
"version": "2.2.4",
"status": "affected"
},
{
"version": "2.2.7",
"status": "affected"
},
{
"version": "2.2.5",
"status": "affected"
},
{
"version": "2.2.9",
"status": "affected"
},
{
"version": "2.2.1 Update 01",
"status": "affected"
},
{
"version": "2.2.2 Update 03",
"status": "affected"
},
{
"version": "2.2.2 Update 04",
"status": "affected"
},
{
"version": "2.2.3 Update 02",
"status": "affected"
},
{
"version": "2.2.3 Update 03",
"status": "affected"
},
{
"version": "2.2.3 Update 04",
"status": "affected"
},
{
"version": "2.2.3 Update 05",
"status": "affected"
},
{
"version": "2.2.3 Update 06",
"status": "affected"
},
{
"version": "3.0.0",
"status": "affected"
},
{
"version": "3.0.1",
"status": "affected"
},
{
"version": "3.0.2",
"status": "affected"
},
{
"version": "3.0.3",
"status": "affected"
},
{
"version": "3.0.4",
"status": "affected"
},
{
"version": "3.0.6",
"status": "affected"
},
{
"version": "3.0.5",
"status": "affected"
},
{
"version": "3.0.7",
"status": "affected"
},
{
"version": "3.1.0",
"status": "affected"
},
{
"version": "3.1.1",
"status": "affected"
},
{
"version": "3.1.7",
"status": "affected"
},
{
"version": "3.1.5",
"status": "affected"
},
{
"version": "3.1.2",
"status": "affected"
},
{
"version": "3.1.3",
"status": "affected"
},
{
"version": "3.1.4",
"status": "affected"
},
{
"version": "3.1.6",
"status": "affected"
},
{
"version": "3.2.2",
"status": "affected"
},
{
"version": "3.2.0-FIPS",
"status": "affected"
},
{
"version": "3.2.1",
"status": "affected"
},
{
"version": "3.3.0",
"status": "affected"
},
{
"version": "3.3.1",
"status": "affected"
},
{
"version": "3.3.0 Update 01",
"status": "affected"
},
{
"version": "3.4.0",
"status": "affected"
},
{
"version": "3.4.1",
"status": "affected"
},
{
"version": "3.4.2",
"status": "affected"
},
{
"version": "3.4.1 Update 01",
"status": "affected"
},
{
"version": "3.4.1 Update 02",
"status": "affected"
},
{
"version": "3.4.2 Update 01",
"status": "affected"
},
{
"version": "3.5.0",
"status": "affected"
},
{
"version": "3.5.1",
"status": "affected"
},
{
"version": "3.5.0 Update 01",
"status": "affected"
},
{
"version": "3.5.0 Update 02",
"status": "affected"
},
{
"version": "3.5.0 Update 03",
"status": "affected"
},
{
"version": "3.5.1 Update 01",
"status": "affected"
},
{
"version": "3.5.1 Update 02",
"status": "affected"
},
{
"version": "3.5.1 Update 03",
"status": "affected"
},
{
"version": "3.6.0",
"status": "affected"
},
{
"version": "3.6.0 Update 01",
"status": "affected"
},
{
"version": "3.6.0 Update 02",
"status": "affected"
},
{
"version": "3.6.0 Update 03",
"status": "affected"
},
{
"version": "3.6.0 Update 04",
"status": "affected"
},
{
"version": "2.1",
"status": "affected"
},
{
"version": "2.2",
"status": "affected"
},
{
"version": "3.2",
"status": "affected"
},
{
"version": "3.4_DP1",
"status": "affected"
},
{
"version": "3.4_DP3",
"status": "affected"
},
{
"version": "3.4_DP2",
"status": "affected"
},
{
"version": "3.5_DP1",
"status": "affected"
},
{
"version": "3.4_DP7",
"status": "affected"
},
{
"version": "3.4_DP10",
"status": "affected"
},
{
"version": "3.4_DP5",
"status": "affected"
},
{
"version": "3.1_DP15",
"status": "affected"
},
{
"version": "3.4_DP11",
"status": "affected"
},
{
"version": "3.4_DP8",
"status": "affected"
},
{
"version": "3.7_DP1",
"status": "affected"
},
{
"version": "3.3_DP4",
"status": "affected"
},
{
"version": "3.10_DP1",
"status": "affected"
},
{
"version": "3.8_DP1",
"status": "affected"
},
{
"version": "3.7_DP2",
"status": "affected"
},
{
"version": "3.6_DP1",
"status": "affected"
},
{
"version": "3.1_DP16",
"status": "affected"
},
{
"version": "3.5_DP4",
"status": "affected"
},
{
"version": "3.3_DP3",
"status": "affected"
},
{
"version": "3.2_DP2",
"status": "affected"
},
{
"version": "3.4_DP4",
"status": "affected"
},
{
"version": "3.1_DP14",
"status": "affected"
},
{
"version": "3.1_DP6",
"status": "affected"
},
{
"version": "3.1_DP9",
"status": "affected"
},
{
"version": "3.4_DP6",
"status": "affected"
},
{
"version": "3.2_DP3",
"status": "affected"
},
{
"version": "3.4_DP9",
"status": "affected"
},
{
"version": "3.3_DP2",
"status": "affected"
},
{
"version": "3.2_DP1",
"status": "affected"
},
{
"version": "3.1_DP10",
"status": "affected"
},
{
"version": "3.9_DP1",
"status": "affected"
},
{
"version": "3.3_DP1",
"status": "affected"
},
{
"version": "3.1_DP13",
"status": "affected"
},
{
"version": "3.5_DP2",
"status": "affected"
},
{
"version": "3.1_DP12",
"status": "affected"
},
{
"version": "3.1_DP4",
"status": "affected"
},
{
"version": "3.5_DP3",
"status": "affected"
},
{
"version": "3.1_DP8",
"status": "affected"
},
{
"version": "3.1_DP7",
"status": "affected"
},
{
"version": "3.2_DP4",
"status": "affected"
},
{
"version": "3.1_DP11",
"status": "affected"
},
{
"version": "3.1_DP5",
"status": "affected"
},
{
"version": "3.7.0",
"status": "affected"
},
{
"version": "3.7.1",
"status": "affected"
},
{
"version": "3.7.1 Update 04",
"status": "affected"
},
{
"version": "3.7.1 Update 06",
"status": "affected"
},
{
"version": "3.7.1 Update 07",
"status": "affected"
},
{
"version": "3.7.1 Update 03",
"status": "affected"
},
{
"version": "3.7.0 Update 03",
"status": "affected"
},
{
"version": "3.7.1 Update 01",
"status": "affected"
},
{
"version": "3.7.1 Update 02",
"status": "affected"
},
{
"version": "3.7.1 Update 05",
"status": "affected"
},
{
"version": "3.8.0",
"status": "affected"
},
{
"version": "3.8.1",
"status": "affected"
},
{
"version": "3.8.1 Update 02",
"status": "affected"
},
{
"version": "3.8.1 Update 04",
"status": "affected"
},
{
"version": "3.8.1 Update 01",
"status": "affected"
},
{
"version": "3.8.1 Update 03",
"status": "affected"
},
{
"version": "3.8.0 Update 01",
"status": "affected"
},
{
"version": "3.8.0 Update 02",
"status": "affected"
},
{
"version": "3.9.0",
"status": "affected"
},
{
"version": "3.9.1",
"status": "affected"
},
{
"version": "3.9.1 Update 02",
"status": "affected"
},
{
"version": "3.9.1 Update 03",
"status": "affected"
},
{
"version": "3.9.1 Update 01",
"status": "affected"
},
{
"version": "3.9.1 Update 04",
"status": "affected"
},
{
"version": "3.9.0 Update 01",
"status": "affected"
},
{
"version": "3.10.0",
"status": "affected"
},
{
"version": "3.10.3",
"status": "affected"
},
{
"version": "3.10.1",
"status": "affected"
},
{
"version": "3.10.2",
"status": "affected"
},
{
"version": "3.10.4",
"status": "affected"
}
]
},
{
"vendor": "Cisco",
"product": "Cisco Evolved Programmable Network Manager (EPNM)",
"versions": [
{
"version": "N/A",
"status": "affected"
}
]
}
]Related
cve
cve
CVE-2023-20222
2023-08-16 22:15:11
cisco
cisco
nvd
nvd
CVE-2023-20222
2023-08-16 22:15:11
prion
prion
Cross site scripting
2023-08-16 22:15:00
nessus
nessus
Cisco Evolved Programmable Network Manager XSS (cisco-sa-pi-epnm-storedxss-tTjO62r)
2023-08-24 00:00:00
Cisco Prime Infrastructure XSS (cisco-sa-pi-epnm-storedxss-tTjO62r)
2023-08-24 00:00:00
CVSS3
4.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
EPSS
0.001
Percentile
46.2%
Related for CVELIST:CVE-2023-20222