133 matches found
The vulnerability of the REST API implementation of the monitoring and network equipment management system called Cisco Prime Infrastructure, as well as the Cisco Evolved Programmable Network Manager (EPNM) software for managing network services, allows a attacker to execute arbitrary code.
The vulnerability of the REST API interface of the Cisco Prime Infrastructure monitoring and network equipment management system, as well as the Cisco Evolved Programmable Network Manager EPNM, relates to the lack of security measures for SQL query structures. Exploiting this vulnerability allows...
CVE-2025-20272
A vulnerability in a subset of REST APIs of Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager EPNM could allow an authenticated, low-privileged, remote attacker to conduct a blind SQL injection attack. This vulnerability is due to insufficient validation of user-supplied...
CVE-2025-20272
A vulnerability in a subset of REST APIs of Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager EPNM could allow an authenticated, low-privileged, remote attacker to conduct a blind SQL injection attack. This vulnerability is due to insufficient validation of user-supplied...
CVE-2025-20272 Cisco Evolved Programmable Network Manager and Cisco Prime Infrastructure Blind SQL Injection Vulnerability
A vulnerability in a subset of REST APIs of Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager EPNM could allow an authenticated, low-privileged, remote attacker to conduct a blind SQL injection attack. This vulnerability is due to insufficient validation of user-supplied...
Cisco Prime Infrastructure and Evolved Programmable Network Manager Blind SQL Injection Vulnerability
A vulnerability in a subset of REST APIs of Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager EPNM could allow an authenticated, low-privileged, remote attacker to conduct a blind SQL injection attack. This vulnerability is due to insufficient validation of user-supplied...
Cisco Evolved Programmable Network Manager和Cisco Prime Infrastructure SQL注入漏洞
Cisco Evolved Programmable Network Manager and Cisco Prime Infrastructure are both products of Cisco, Inc.Cisco Evolved Programmable Network Manager is a network management Cisco Prime Infrastructure is a software application that simplifies the management of wireless and wired networks. Cisco...
PT-2025-29852
Name of the Vulnerable Software and Affected Versions Cisco Prime Infrastructure affected versions not specified Cisco Evolved Programmable Network Manager EPNM affected versions not specified Description A vulnerability exists in a subset of REST APIs in Cisco Prime Infrastructure and Cisco...
Cisco Evolved Programmable Network Manager XSS (CVE-2025-20120)
The version of Cisco Evolved Programmable Network Manager installed on the remote host is affected by a stored cross site scripting XSS vulnerability. This vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of an affected system. An attack...
Cisco Evolved Programmable Network Manager XSS (CVE-2025-20203)
The version of Cisco Evolved Programmable Network Manager installed on the remote host is affected by a stored cross site scripting XSS vulnerability. The vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attacker could exploit this...
CVE-2024-20514
A vulnerability in the web-based management interface of Cisco Evolved Programmable Network Manager EPNM and Cisco Prime Infrastructure could allow an authenticated, low-privileged, remote attacker to conduct a stored cross-site scripting XSS attack against a user of the interface. This...
CVE-2023-20260
A vulnerability in the application CLI of Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager could allow an authenticated, local attacker to gain escalated privileges. This vulnerability is due to improper processing of command line arguments to application scripts. An...
The vulnerability in the web interface of the Cisco Prime Infrastructure monitoring and management system, as well as the Cisco Evolved Programmable Network Manager (EPNM) software for managing network services, allows a perpetrator to carry out cross-site scripting attacks.
The vulnerability of the web interface for managing Cisco Prime Infrastructure network equipment and the Cisco Evolved Programmable Network Manager EPNM software lies in the insufficient protection of the web page structure. Exploiting this vulnerability allows a malicious actor to perform...
The vulnerability in the web interface of the Cisco Prime Infrastructure monitoring and management system, as well as the Cisco Evolved Programmable Network Manager (EPNM) software for managing network services, allows a perpetrator to carry out cross-site scripting attacks.
The vulnerability of the web interface for managing Cisco Prime Infrastructure network equipment and the Cisco Evolved Programmable Network Manager EPNM software lies in the insufficient protection of the web page structure. Exploiting this vulnerability allows a malicious actor to perform...
CVE-2025-20120
A vulnerability in the web-based management interface of Cisco Evolved Programmable Network Manager EPNM and Cisco Prime Infrastructure could allow an unauthenticated, remote attacker to conduct a stored cross-site scripting XSS attack against a user of the interface on an affected device. This...
CVE-2025-20203
A vulnerability in the web-based management interface of Cisco Evolved Programmable Network Manager EPNM and Cisco Prime Infrastructure could allow an authenticated, remote attacker to conduct a stored cross-site scripting XSS attack against users of the interface of an affected system. The...
CVE-2025-20203
A vulnerability in the web-based management interface of Cisco Evolved Programmable Network Manager EPNM and Cisco Prime Infrastructure could allow an authenticated, remote attacker to conduct a stored cross-site scripting XSS attack against users of the interface of an affected system. The...
CVE-2025-20120
A vulnerability in the web-based management interface of Cisco Evolved Programmable Network Manager EPNM and Cisco Prime Infrastructure could allow an unauthenticated, remote attacker to conduct a stored cross-site scripting XSS attack against a user of the interface on an affected device. This...
CVE-2025-20203
A vulnerability in the web-based management interface of Cisco Evolved Programmable Network Manager EPNM and Cisco Prime Infrastructure could allow an authenticated, remote attacker to conduct a stored cross-site scripting XSS attack against users of the interface of an affected system. The...
CVE-2025-20203
A vulnerability in the web-based management interface of Cisco Evolved Programmable Network Manager EPNM and Cisco Prime Infrastructure could allow an authenticated, remote attacker to conduct a stored cross-site scripting XSS attack against users of the interface of an affected system. The...
CVE-2025-20203
CVE-2025-20203 details (Cisco EPNM and Cisco Prime Infrastructure): A stored XSS vulnerability exists in the web-based management interface due to improper validation of user input. An authenticated attacker with valid admin credentials could inject malicious code into data fields, potentially ex...