CVE-2016-1289

The API in Cisco Prime Infrastructure 1.2 through 3.0 and Evolved Programmable Network Manager EPNM 1.2 allows remote attackers to execute arbitrary code or obtain sensitive management information via a crafted HTTP request, as demonstrated by discovering managed-device credentials, aka Bug ID...

CVE-2016-1289

Cisco Prime Infrastructure 1.2–3.0 and EPNM 1.2 expose an API flaw that allows unauthenticated, remote access via crafted HTTP requests, potentially enabling code execution or access to stored credentials. The issue stems from inadequate input validation of API URIs, permitting manipulation of AP...