Lucene search
+L

105 matches found

cnvd
cnvd
added 2024/11/11 12:0 a.m.32 views

Cisco Evolved Programmable Network Manager Cross-Site Scripting Vulnerability (CNVD-2025-01394)

Cisco Evolved Programmable Network Manager is a programmable network manager. A cross-site scripting vulnerability exists in the Cisco Evolved Programmable Network Manager WEB interface, which can be exploited by a remote attacker to inject malicious script or HTML code, which can be used to obta...

5.4CVSS5.6AI score0.0027EPSS
Exploits0References1
nessus
nessus
added 2024/11/08 12:0 a.m.5 views

Cisco Evolved Programmable Network Manager XSS (cisco-sa-epnmpi-sxss-yyf2zkXs)

The version of Cisco Evolved Programmable Network Manager installed on the remote host is prior to 8.0.0. It is, therefore, affected by the following: - A vulnerability in the web-based management interface of Cisco Evolved Programmable Network Manager EPNM could allow an authenticated,...

5.4CVSS5.3AI score0.0027EPSS
Exploits0References3
osv
osv
added 2024/01/17 5:15 p.m.4 views

CVE-2023-20271

A vulnerability in the web-based management interface of Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager EPNM could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system. This vulnerability is due to improper validation of...

6.5CVSS5.9AI score0.00546EPSS
Exploits0References1
nvd
nvd
added 2024/01/17 5:15 p.m.25 views

CVE-2023-20260

A vulnerability in the application CLI of Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager could allow an authenticated, local attacker to gain escalated privileges. This vulnerability is due to improper processing of command line arguments to application scripts. An...

6.7CVSS6.3AI score0.00175EPSS
Exploits0References1
cve
cve
added 2024/01/17 4:57 p.m.62 views

CVE-2023-20260

CVE-2023-20260 affects Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager (EPNM). The root cause is improper processing of command line arguments to application scripts in the CLI, enabling an authenticated, local attacker to escalate to root privileges on the underlying OS...

6.7CVSS6.7AI score0.00175EPSS
Exploits0References1Affected Software2
cvelist
cvelist
added 2024/01/17 4:57 p.m.28 views

CVE-2023-20260

A vulnerability in the application CLI of Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager could allow an authenticated, local attacker to gain escalated privileges. This vulnerability is due to improper processing of command line arguments to application scripts. An...

6CVSS7AI score0.00175EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2024/01/17 4:56 p.m.4 views

CVE-2023-20271

A vulnerability in the web-based management interface of Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager EPNM could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system. This vulnerability is due to improper validation of...

6.5CVSS6.6AI score0.00546EPSS
Exploits0References1
bdu_fstec
bdu_fstec
added 2023/08/30 12:0 a.m.9 views

The vulnerability in the web interface of the Cisco Prime Infrastructure monitoring and management system, as well as the Cisco Evolved Programmable Network Manager (EPNM) software for managing network services, allows a attacker to carry out a cross-site scripting attack.

The vulnerability of the web interface for managing Cisco Prime Infrastructure network equipment and the Cisco Evolved Programmable Network Manager EPNM software relates to insufficient data cleaning provided by users. Exploiting this vulnerability allows a malicious actor to carry out XSS attack...

5.5CVSS5.8AI score0.00355EPSS
Exploits0References3Affected Software2
bdu_fstec
bdu_fstec
added 2023/08/30 12:0 a.m.7 views

The vulnerability in the web interface of the Cisco Prime Infrastructure monitoring and management system, as well as the Cisco Evolved Programmable Network Manager (EPNM) software for managing network services, allows a attacker to carry out cross-site scripting attacks.

The vulnerability of the web interface for managing Cisco Prime Infrastructure network equipment and the Cisco Evolved Programmable Network Manager EPNM software relates to insufficient data cleaning provided by users. Exploiting this vulnerability allows a malicious actor to carry out XSS attack...

5.5CVSS5.9AI score0.00358EPSS
Exploits0References3Affected Software2
nessus
nessus
added 2023/08/24 12:0 a.m.21 views

Cisco Evolved Programmable Network Manager XSS (cisco-sa-pi-epnm-BFjSRJP5)

The version of Cisco Evolved Programmable Network Manager installed on the remote host is prior to 7.1. It is, therefore, affected by a cross-site scripting XSS vulnerability. Due to insufficient validation of user input, an authenticated, remote attacker can, by persuading a user of the affected...

5.4CVSS5.4AI score0.00358EPSS
Exploits0References5
osv
osv
added 2023/08/16 10:15 p.m.3 views

CVE-2023-20201

Multiple vulnerabilities in the web-based management interface of Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager EPNM could allow an authenticated, remote attacker to conduct a stored cross-site scripting XSS attack against a user of the interface on an affected device...

5.4CVSS6AI score0.00355EPSS
Exploits0References1
prion
prion
added 2023/08/16 10:15 p.m.23 views

Cross site scripting

A vulnerability in the web-based management interface of Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager EPNM could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the interface on an affected device. The...

5.8CVSS5.9AI score0.00375EPSS
Exploits0References1Affected Software2
cisco
cisco
added 2023/08/16 4:0 p.m.24 views

Cisco Prime Infrastructure and Evolved Programmable Network Manager Stored Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager EPNM could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the interface on an affected device. The...

4.8CVSS6AI score0.00375EPSS
Exploits0References1
bdu_fstec
bdu_fstec
added 2023/04/11 12:0 a.m.7 views

The vulnerabilities of the closed software environment of Cisco Evolved Programmable Network Manager, the Cisco Identity Services Engine, the Cisco Prime Infrastructure – systems for monitoring and managing network equipment – allow attackers to escalate their privileges.

The vulnerability of the closed-programming environment of Cisco Evolved Programmable Network Manager, the Cisco Identity Services Engine, and the Cisco Prime Infrastructure system for network monitoring and management exists due to the lack of measures taken to neutralize special elements used i...

7.8CVSS6.6AI score0.00201EPSS
Exploits0References2Affected Software3
osv
osv
added 2023/04/05 7:15 p.m.2 views

CVE-2023-20122

Multiple vulnerabilities in the restricted shell of Cisco Evolved Programmable Network Manager EPNM, Cisco Identity Services Engine ISE, and Cisco Prime Infrastructure could allow an authenticated, local attacker to escape the restricted shell and gain root privileges on the underlying operating...

7.8CVSS7.2AI score0.002EPSS
Exploits0References1
cisco
cisco
added 2023/04/05 4:0 p.m.98 views

Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager Vulnerabilities

Multiple vulnerabilities in the web-based management interface of Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager EPNM could allow a remote attacker to obtain privileged information and conduct cross-site scripting XSS and cross-site request forgery CSRF attacks. For mor...

6.5CVSS5.8AI score0.00917EPSS
Exploits0References1
cnnvd
cnnvd
added 2023/04/05 12:0 a.m.9 views

Cisco Prime Infrastructure和Cisco Evolved Programmable Network Manager 跨站脚本漏洞

Cisco Evolved Programmable Network Manager and Cisco Prime Infrastructure are both products of Cisco Corporation.Cisco Evolved Programmable Network Manager is a network management Cisco Prime Infrastructure is a software application. Cisco Prime Infrastructure is a software application used to...

6.5CVSS5.5AI score0.00573EPSS
Exploits0References3
nessus
nessus
added 2023/03/10 12:0 a.m.21 views

Cisco Evolved Programmable Network Manager Stored XSS (cisco-sa-cisco-pi-epnm-xss-mZShH2J)

The version of Cisco Evolved Programmable Network Manager installed on the remote host is prior to 7.0. It is, therefore, affected by a cross-site scripting XSSvulnerability as referenced in the cisco-sa-cisco-pi-epnm-xss-mZShH2J advisory. This vulnerability is due to insufficient validation of...

5.4CVSS5.9AI score0.0045EPSS
Exploits0References3
thn
thn
added 2022/02/18 5:19 a.m.86 views

Attackers Can Crash Cisco Email Security Appliances by Sending Malicious Emails

Cisco has released security updates to contain three vulnerabilities affecting its products, including one high-severity flaw in its Email Security Appliance ESA that could result in a denial-of-service DoS condition on an affected device. The weakness, assigned the identifier CVE-2022-20653 CVSS...

7.5CVSS1.4AI score0.01833EPSS
Exploits0
ptsecurity
ptsecurity
added 2022/01/12 12:0 a.m.8 views

PT-2022-1438 · Cisco · Cisco Prime Infrastructure +1

Name of the Vulnerable Software and Affected Versions: Cisco Prime Infrastructure versions affected versions not specified Cisco Evolved Programmable Network Manager versions affected versions not specified Description: The issue is related to insufficient input validation of the HTTPS URL by the...

6.5CVSS7.3AI score0.01649EPSS
Exploits0References6
Rows per page
Query Builder