Lucene search
+L

105 matches found

osv
osv
added 2019/05/16 1:29 a.m.4 views

CVE-2019-1823

A vulnerability in the web-based management interface of Cisco Prime Infrastructure PI and Cisco Evolved Programmable Network EPN Manager could allow an authenticated, remote attacker to execute code with root-level privileges on the underlying operating system. This vulnerability exist because t...

7.2CVSS7.3AI score0.04415EPSS
Exploits1References2
osv
osv
added 2019/05/16 1:29 a.m.5 views

CVE-2019-1818

A vulnerability in the web-based management interface of Cisco Prime Infrastructure and Cisco Evolved Programmable Network EPN Manager software could allow an authenticated, remote attacker to download and view files within the application that should be restricted. This vulnerability is due to...

6.5CVSS5.8AI score0.13856EPSS
Exploits1References2
vulnrichment
vulnrichment
added 2019/05/16 1:10 a.m.19 views

CVE-2019-1821 Cisco Prime Infrastructure and Evolved Programmable Network Manager Remote Code Execution Vulnerabilities

A vulnerability in the web-based management interface of Cisco Prime Infrastructure PI and Cisco Evolved Programmable Network EPN Manager could allow an authenticated, remote attacker to execute code with root-level privileges on the underlying operating system. This vulnerability exist because t...

8.8CVSS7.1AI score0.98092EPSS
Exploits12References3
vulnrichment
vulnrichment
added 2019/05/16 1:10 a.m.15 views

CVE-2019-1824 Cisco Prime Infrastructure and Evolved Programmable Network Manager SQL Injection Vulnerabilities

A vulnerability in the web-based management interface of Cisco Prime Infrastructure PI and Cisco Evolved Programmable Network EPN Manager could allow an authenticated, remote attacker to execute arbitrary SQL queries. This vulnerability exist because the software improperly validates user-supplie...

8.1CVSS7.8AI score0.01901EPSS
Exploits1References2
cisco
cisco
added 2019/05/15 4:0 p.m.56 views

Cisco Prime Infrastructure and Evolved Programmable Network Manager SQL Injection Vulnerabilities

Multiple vulnerabilities in the web-based management interface of Cisco Prime Infrastructure PI and Cisco Evolved Programmable Network EPN Manager could allow an authenticated, remote attacker to execute arbitrary SQL queries. These vulnerabilities exist because the software improperly validates...

8.1CVSS1.2AI score
Exploits0References1
osv
osv
added 2017/07/04 12:29 a.m.4 views

CVE-2017-6699

A vulnerability in the web-based management interface of Cisco Prime Infrastructure PI and Evolved Programmable Network Manager EPNM could allow an unauthenticated, remote attacker to conduct a reflected cross-site scripting XSS attack against a user of the web-based management interface of an...

6.1CVSS5.7AI score0.0128EPSS
Exploits2References3
osv
osv
added 2017/07/04 12:29 a.m.6 views

CVE-2017-6698

A vulnerability in the Cisco Prime Infrastructure PI and Evolved Programmable Network Manager EPNM SQL database interface could allow an authenticated, remote attacker to impact the confidentiality and integrity of the application by executing arbitrary SQL queries, aka SQL Injection. More...

5.4CVSS5.9AI score0.00938EPSS
Exploits2References3
cvelist
cvelist
added 2017/07/04 12:0 a.m.30 views

CVE-2017-6700

A vulnerability in the web-based management interface of Cisco Prime Infrastructure PI and Evolved Programmable Network Manager EPNM could allow an unauthenticated, remote attacker to conduct a Document Object Model DOM based environment or client-side cross-site scripting XSS attack against a us...

6AI score0.0128EPSS
Exploits2References3
cnvd
cnvd
added 2017/06/23 12:0 a.m.6 views

Cisco PI/EPNM Cross-Site Scripting Vulnerability

Cisco Prime Infrastructure is a solution for wireless management through Cisco Technologies LMS and NCS. Cisco Prime Infrastructure PI, Evolved Programmable Network Manager EPNM has a security vulnerability in the web management interface, where an unauthenticated remote attacker executes a...

6.1CVSS6.5AI score0.0128EPSS
Exploits2References1
cisco
cisco
added 2017/06/21 4:0 p.m.50 views

Cisco Prime Infrastructure and Evolved Programmable Network Manager XML Injection Vulnerability

A vulnerability in the web-based user interface of Cisco Prime Infrastructure PI and Evolved Programmable Network Manager EPNM could allow an authenticated, remote attacker read and write access to information stored in the affected system as well as perform remote code execution. The attacker mu...

8.8CVSS8AI score0.02359EPSS
Exploits2References1
cisco
cisco
added 2017/06/21 4:0 p.m.51 views

Cisco Prime Infrastructure and Evolved Programmable Network Manager Reflected Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco Prime Infrastructure PI and Evolved Programmable Network Manager EPNM could allow an unauthenticated, remote attacker to conduct a reflected cross-site scripting XSS attack against a user of the web-based management interface of an...

4.7CVSS6.1AI score0.0128EPSS
Exploits2References1
cisco
cisco
added 2017/06/21 4:0 p.m.55 views

Cisco Prime Infrastructure and Evolved Programmable Network Manager DOM Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco Prime Infrastructure PI and Evolved Programmable Network Manager EPNM could allow an unauthenticated, remote attacker to conduct a Document Object Model DOM based environment or client-side cross-site scripting XSS attack against a us...

4.7CVSS6AI score0.0128EPSS
Exploits2References1
osv
osv
added 2016/10/27 9:59 p.m.8 views

CVE-2016-6443

A vulnerability in the Cisco Prime Infrastructure and Evolved Programmable Network Manager SQL database interface could allow an authenticated, remote attacker to impact system confidentiality by executing a subset of arbitrary SQL queries that can cause product instability. More Information:...

8.8CVSS5.9AI score0.02975EPSS
Exploits0References3
cvelist
cvelist
added 2016/10/27 9:0 p.m.26 views

CVE-2016-6443

A vulnerability in the Cisco Prime Infrastructure and Evolved Programmable Network Manager SQL database interface could allow an authenticated, remote attacker to impact system confidentiality by executing a subset of arbitrary SQL queries that can cause product instability. More Information:...

8.6AI score0.02975EPSS
Exploits0References3
cve
cve
added 2016/10/27 9:0 p.m.50 views

CVE-2016-6443

CVE-2016-6443 affects Cisco Prime Infrastructure and Evolved Programmable Network Manager (EPNM) with a SQL database interface vulnerability. The issue is a lack of input validation in SQL queries, allowing an authenticated, remote attacker to execute a subset of arbitrary SQL statements that can...

8.8CVSS8.6AI score0.02975EPSS
Exploits0References3Affected Software2
cisco
cisco
added 2016/10/12 4:0 p.m.40 views

Cisco Prime Infrastructure and Evolved Programmable Network Manager Database Interface SQL Injection Vulnerability

A vulnerability in the Cisco Prime Infrastructure and Evolved Programmable Network Manager SQL database interface could allow an authenticated, remote attacker to impact system confidentiality by executing a subset of arbitrary SQL queries that can cause product instability. The vulnerability is...

6.5CVSS8.6AI score0.02975EPSS
Exploits0References1
cnvd
cnvd
added 2016/07/01 12:0 a.m.5 views

Cisco Prime Infrastructure and Evolved Programmable Network Manager API Unauthorized Access Vulnerability

Cisco Prime Infrastructure PI and Cisco Evolved Programmable Network Manager EPNM are both products of the U.S. Cisco Cisco.PI is a set of solutions for wireless management through Cisco Prime LAN Management Solution LMS and Cisco Prime Network Control System NCS technologies; EPNM is a network...

10CVSS7.2AI score0.06153EPSS
Exploits0References1
cisco
cisco
added 2016/06/29 4:0 p.m.36 views

Cisco Prime Infrastructure and Evolved Programmable Network Manager Authenticated Remote Code Execution Vulnerability

A vulnerability in the web interface of Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager EPNM could allow an authenticated, remote attacker to upload arbitrary files and execute commands as the prime web user. The prime web user does not have the full privileges of root...

6.5CVSS9AI score0.0249EPSS
Exploits0References1
nvd
nvd
added 2016/05/25 1:59 a.m.24 views

CVE-2016-1406

The API web interface in Cisco Prime Infrastructure before 3.1 and Cisco Evolved Programmable Network Manager before 1.2.4 allows remote authenticated users to bypass intended RBAC restrictions and obtain sensitive information, and consequently gain privileges, via crafted JSON data, aka Bug ID...

8.8CVSS8.4AI score0.0162EPSS
Exploits0References2
prion
prion
added 2016/05/25 1:59 a.m.18 views

Design/Logic Flaw

The API web interface in Cisco Prime Infrastructure before 3.1 and Cisco Evolved Programmable Network Manager before 1.2.4 allows remote authenticated users to bypass intended RBAC restrictions and obtain sensitive information, and consequently gain privileges, via crafted JSON data, aka Bug ID...

6.5CVSS6.8AI score0.0162EPSS
Exploits0References2Affected Software2
Rows per page
Query Builder