Lucene search
K

133 matches found

BDU FSTEC
BDU FSTEC
added 2025/08/11 12:0 a.m.13 views

The vulnerability of the REST API implementation of the monitoring and network equipment management system called Cisco Prime Infrastructure, as well as the Cisco Evolved Programmable Network Manager (EPNM) software for managing network services, allows a attacker to execute arbitrary code.

The vulnerability of the REST API interface of the Cisco Prime Infrastructure monitoring and network equipment management system, as well as the Cisco Evolved Programmable Network Manager EPNM, relates to the lack of security measures for SQL query structures. Exploiting this vulnerability allows...

4.3CVSS6.1AI score0.00292EPSS
Exploits0References2Affected Software2
RedhatCVE
RedhatCVE
added 2025/07/18 5:58 p.m.13 views

CVE-2025-20272

A vulnerability in a subset of REST APIs of Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager EPNM could allow an authenticated, low-privileged, remote attacker to conduct a blind SQL injection attack. This vulnerability is due to insufficient validation of user-supplied...

4.3CVSS7AI score0.00292EPSS
Exploits0References1
OSV
OSV
added 2025/07/16 5:15 p.m.5 views

CVE-2025-20272

A vulnerability in a subset of REST APIs of Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager EPNM could allow an authenticated, low-privileged, remote attacker to conduct a blind SQL injection attack. This vulnerability is due to insufficient validation of user-supplied...

4.3CVSS5.9AI score0.00292EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/07/16 4:16 p.m.35 views

CVE-2025-20272 Cisco Evolved Programmable Network Manager and Cisco Prime Infrastructure Blind SQL Injection Vulnerability

A vulnerability in a subset of REST APIs of Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager EPNM could allow an authenticated, low-privileged, remote attacker to conduct a blind SQL injection attack. This vulnerability is due to insufficient validation of user-supplied...

4.3CVSS0.00292EPSS
Exploits0References1
Cisco
Cisco
added 2025/07/16 4:0 p.m.12 views

Cisco Prime Infrastructure and Evolved Programmable Network Manager Blind SQL Injection Vulnerability

A vulnerability in a subset of REST APIs of Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager EPNM could allow an authenticated, low-privileged, remote attacker to conduct a blind SQL injection attack. This vulnerability is due to insufficient validation of user-supplied...

4.3CVSS7.8AI score0.00292EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/07/16 12:0 a.m.3 views

Cisco Evolved Programmable Network Manager和Cisco Prime Infrastructure SQL注入漏洞

Cisco Evolved Programmable Network Manager and Cisco Prime Infrastructure are both products of Cisco, Inc.Cisco Evolved Programmable Network Manager is a network management Cisco Prime Infrastructure is a software application that simplifies the management of wireless and wired networks. Cisco...

4.3CVSS7.6AI score0.00292EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/07/16 12:0 a.m.5 views

PT-2025-29852

Name of the Vulnerable Software and Affected Versions Cisco Prime Infrastructure affected versions not specified Cisco Evolved Programmable Network Manager EPNM affected versions not specified Description A vulnerability exists in a subset of REST APIs in Cisco Prime Infrastructure and Cisco...

4.3CVSS5.9AI score0.00292EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2025/06/23 12:0 a.m.2 views

Cisco Evolved Programmable Network Manager XSS (CVE-2025-20120)

The version of Cisco Evolved Programmable Network Manager installed on the remote host is affected by a stored cross site scripting XSS vulnerability. This vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of an affected system. An attack...

6.1CVSS6.1AI score0.00301EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/06/23 12:0 a.m.2 views

Cisco Evolved Programmable Network Manager XSS (CVE-2025-20203)

The version of Cisco Evolved Programmable Network Manager installed on the remote host is affected by a stored cross site scripting XSS vulnerability. The vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attacker could exploit this...

4.8CVSS6.1AI score0.00278EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/05/23 7:48 a.m.11 views

CVE-2024-20514

A vulnerability in the web-based management interface of Cisco Evolved Programmable Network Manager EPNM and Cisco Prime Infrastructure could allow an authenticated, low-privileged, remote attacker to conduct a stored cross-site scripting XSS attack against a user of the interface. This...

5.4CVSS5.7AI score0.0027EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 4:53 a.m.8 views

CVE-2023-20260

A vulnerability in the application CLI of Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager could allow an authenticated, local attacker to gain escalated privileges. This vulnerability is due to improper processing of command line arguments to application scripts. An...

6.7CVSS6.9AI score0.00175EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2025/04/08 12:0 a.m.9 views

The vulnerability in the web interface of the Cisco Prime Infrastructure monitoring and management system, as well as the Cisco Evolved Programmable Network Manager (EPNM) software for managing network services, allows a perpetrator to carry out cross-site scripting attacks.

The vulnerability of the web interface for managing Cisco Prime Infrastructure network equipment and the Cisco Evolved Programmable Network Manager EPNM software lies in the insufficient protection of the web page structure. Exploiting this vulnerability allows a malicious actor to perform...

6.4CVSS5.2AI score0.00301EPSS
Exploits0References2Affected Software2
BDU FSTEC
BDU FSTEC
added 2025/04/08 12:0 a.m.11 views

The vulnerability in the web interface of the Cisco Prime Infrastructure monitoring and management system, as well as the Cisco Evolved Programmable Network Manager (EPNM) software for managing network services, allows a perpetrator to carry out cross-site scripting attacks.

The vulnerability of the web interface for managing Cisco Prime Infrastructure network equipment and the Cisco Evolved Programmable Network Manager EPNM software lies in the insufficient protection of the web page structure. Exploiting this vulnerability allows a malicious actor to perform...

5.5CVSS5.2AI score0.00278EPSS
Exploits0References2Affected Software2
RedhatCVE
RedhatCVE
added 2025/04/04 4:51 p.m.14 views

CVE-2025-20120

A vulnerability in the web-based management interface of Cisco Evolved Programmable Network Manager EPNM and Cisco Prime Infrastructure could allow an unauthenticated, remote attacker to conduct a stored cross-site scripting XSS attack against a user of the interface on an affected device. This...

6.1CVSS6.1AI score0.00301EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/04/04 4:50 p.m.17 views

CVE-2025-20203

A vulnerability in the web-based management interface of Cisco Evolved Programmable Network Manager EPNM and Cisco Prime Infrastructure could allow an authenticated, remote attacker to conduct a stored cross-site scripting XSS attack against users of the interface of an affected system. The...

4.8CVSS6AI score0.00278EPSS
Exploits0References1
NVD
NVD
added 2025/04/02 5:15 p.m.12 views

CVE-2025-20203

A vulnerability in the web-based management interface of Cisco Evolved Programmable Network Manager EPNM and Cisco Prime Infrastructure could allow an authenticated, remote attacker to conduct a stored cross-site scripting XSS attack against users of the interface of an affected system. The...

4.8CVSS0.00278EPSS
Exploits0References1
OSV
OSV
added 2025/04/02 5:15 p.m.4 views

CVE-2025-20120

A vulnerability in the web-based management interface of Cisco Evolved Programmable Network Manager EPNM and Cisco Prime Infrastructure could allow an unauthenticated, remote attacker to conduct a stored cross-site scripting XSS attack against a user of the interface on an affected device. This...

6.1CVSS6AI score0.00301EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/04/02 4:17 p.m.10 views

CVE-2025-20203

A vulnerability in the web-based management interface of Cisco Evolved Programmable Network Manager EPNM and Cisco Prime Infrastructure could allow an authenticated, remote attacker to conduct a stored cross-site scripting XSS attack against users of the interface of an affected system. The...

4.8CVSS6AI score0.00278EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/04/02 4:17 p.m.15 views

CVE-2025-20203

A vulnerability in the web-based management interface of Cisco Evolved Programmable Network Manager EPNM and Cisco Prime Infrastructure could allow an authenticated, remote attacker to conduct a stored cross-site scripting XSS attack against users of the interface of an affected system. The...

4.8CVSS0.00278EPSS
Exploits0References1
CVE
CVE
added 2025/04/02 4:17 p.m.64 views

CVE-2025-20203

CVE-2025-20203 details (Cisco EPNM and Cisco Prime Infrastructure): A stored XSS vulnerability exists in the web-based management interface due to improper validation of user input. An authenticated attacker with valid admin credentials could inject malicious code into data fields, potentially ex...

4.8CVSS6AI score0.00278EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder