The vulnerability in the web interface of the Cisco Prime Infrastructure monitoring and management system, as well as the Cisco Evolved Programmable Network Manager (EPNM) software for managing network services, allows a attacker to perform a CSRF attack and carry out arbitrary actions.

The vulnerability of the web interface for managing Cisco Prime Infrastructure network equipment and the Cisco Evolved Programmable Network Manager EPNM software lies in the manipulation of cross-site requests. Exploiting this vulnerability allows a malicious actor to perform a CSRF attack and...

CVE-2019-15958

A vulnerability in the REST API of Cisco Prime Infrastructure PI and Cisco Evolved Programmable Network Manager EPNM could allow an unauthenticated remote attacker to execute arbitrary code with root privileges on the underlying operating system. The vulnerability is due to insufficient input...

CVE-2016-1289

The API in Cisco Prime Infrastructure 1.2 through 3.0 and Evolved Programmable Network Manager EPNM 1.2 allows remote attackers to execute arbitrary code or obtain sensitive management information via a crafted HTTP request, as demonstrated by discovering managed-device credentials, aka Bug ID...

The vulnerability of the Cisco Evolved Programmable Network Manager, a software tool for managing network services, and the Cisco Prime Infrastructure, a software tool for managing network lifecycles, allows a perpetrator to execute arbitrary code.

The vulnerabilities of the Cisco Evolved Programmable Network Manager and the Cisco Prime Infrastructure network lifecycle management software exist due to insufficient verification of input data. Exploiting these vulnerabilities allows a malicious actor to execute arbitrary code using specially...