Cisco PI/EPNM Cross-Site Scripting Vulnerability

Cisco Prime Infrastructure is a solution for wireless management through Cisco Technologies LMS and NCS. Cisco Prime Infrastructure PI, Evolved Programmable Network Manager EPNM has a security vulnerability in the web management interface, where an unauthenticated remote attacker executes a...

Cisco Prime Infrastructure and Evolved Programmable Network Manager Reflected Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco Prime Infrastructure PI and Evolved Programmable Network Manager EPNM could allow an unauthenticated, remote attacker to conduct a reflected cross-site scripting XSS attack against a user of the web-based management interface of an...

Cisco Prime Infrastructure and Evolved Programmable Network Manager DOM Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco Prime Infrastructure PI and Evolved Programmable Network Manager EPNM could allow an unauthenticated, remote attacker to conduct a Document Object Model DOM based environment or client-side cross-site scripting XSS attack against a us...

Cisco Prime Infrastructure and Evolved Programmable Network Manager XML Injection Vulnerability

A vulnerability in the web-based user interface of Cisco Prime Infrastructure PI and Evolved Programmable Network Manager EPNM could allow an authenticated, remote attacker read and write access to information stored in the affected system as well as perform remote code execution. The attacker mu...

The vulnerability of the Cisco Prime Infrastructure lifecycle management software and the Cisco Evolved Programmable Network Manager network service management software allows a hacker to gain access to confidential data.

The vulnerability of the Cisco Prime Infrastructure network lifecycle management software interface and the Cisco Evolved Programmable Network Manager network service management software is related to the lack of protection for operational data. Exploiting this vulnerability can allow a malicious...

Multiple Cisco Product Information Disclosure Vulnerabilities

Cisco Prime Infrastructure PI and Cisco Evolved Programmable Network EPN Manager are both products of the United States Cisco Cisco. The former is a set of Cisco Prime LAN Management Solution LMS and Cisco Prime Network Control System NCS technology for wireless management solutions; the latter i...

CVE-2016-6443

A vulnerability in the Cisco Prime Infrastructure and Evolved Programmable Network Manager SQL database interface could allow an authenticated, remote attacker to impact system confidentiality by executing a subset of arbitrary SQL queries that can cause product instability. More Information:...

CVE-2016-6443

CVE-2016-6443 affects Cisco Prime Infrastructure and Evolved Programmable Network Manager (EPNM) with a SQL database interface vulnerability. The issue is a lack of input validation in SQL queries, allowing an authenticated, remote attacker to execute a subset of arbitrary SQL statements that can...

CVE-2016-6443

A vulnerability in the Cisco Prime Infrastructure and Evolved Programmable Network Manager SQL database interface could allow an authenticated, remote attacker to impact system confidentiality by executing a subset of arbitrary SQL queries that can cause product instability. More Information:...

Cisco Prime Infrastructure and Evolved Programmable Network Manager Database Interface SQL Injection Vulnerability

A vulnerability in the Cisco Prime Infrastructure and Evolved Programmable Network Manager SQL database interface could allow an authenticated, remote attacker to impact system confidentiality by executing a subset of arbitrary SQL queries that can cause product instability. The vulnerability is...

CVE-2016-1408

Cisco Prime Infrastructure 1.2 through 3.1 and Evolved Programmable Network Manager EPNM 1.2 and 2.0 allow remote authenticated users to execute arbitrary commands or upload files via a crafted HTTP request, aka Bug ID CSCuz01488...

Cisco Prime Infrastructure and Evolved Programmable Network Manager API Unauthorized Access Vulnerability

Cisco Prime Infrastructure PI and Cisco Evolved Programmable Network Manager EPNM are both products of the U.S. Cisco Cisco.PI is a set of solutions for wireless management through Cisco Prime LAN Management Solution LMS and Cisco Prime Network Control System NCS technologies; EPNM is a network...

Cisco Prime Infrastructure and Evolved Programmable Network Manager Authenticated Remote Code Execution Vulnerability

A vulnerability in the web interface of Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager EPNM could allow an authenticated, remote attacker to upload arbitrary files and execute commands as the prime web user. The prime web user does not have the full privileges of root...

CVE-2016-1406

The API web interface in Cisco Prime Infrastructure before 3.1 and Cisco Evolved Programmable Network Manager before 1.2.4 allows remote authenticated users to bypass intended RBAC restrictions and obtain sensitive information, and consequently gain privileges, via crafted JSON data, aka Bug ID...

CVE-2016-1406

The API web interface in Cisco Prime Infrastructure before 3.1 and Cisco Evolved Programmable Network Manager before 1.2.4 allows remote authenticated users to bypass intended RBAC restrictions and obtain sensitive information, and consequently gain privileges, via crafted JSON data, aka Bug ID...

Design/Logic Flaw

The API web interface in Cisco Prime Infrastructure before 3.1 and Cisco Evolved Programmable Network Manager before 1.2.4 allows remote authenticated users to bypass intended RBAC restrictions and obtain sensitive information, and consequently gain privileges, via crafted JSON data, aka Bug ID...

CVE-2016-1406

The API web interface in Cisco Prime Infrastructure before 3.1 and Cisco Evolved Programmable Network Manager before 1.2.4 allows remote authenticated users to bypass intended RBAC restrictions and obtain sensitive information, and consequently gain privileges, via crafted JSON data, aka Bug ID...

Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager Privilege Gain Vulnerability

Cisco Prime Infrastructure PI and Cisco Evolved Programmable Network Manager EPNM are both products of the U.S. Cisco Cisco.PI is a set of solutions for wireless management through Cisco Prime LAN Management Solution LMS and Cisco Prime Network Control System NCS technologies; EPNM is a network...

Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager JSON Privilege Escalation Vulnerability

A vulnerability in the application programming interface API web interface of the Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager could allow an authenticated, remote attacker to perform privilege escalation on the affected device. The attacker can escalate privileges to...

Cisco Prime Infrastructure elevation of privilege vulnerability (CNVD-2016-02072)

Cisco Prime Infrastructure is the United States Cisco Cisco company's set of wireless management through the Cisco Prime LAN Management Solution LMS and Cisco Prime Network Control System NCS technology solutions. An elevation of privilege vulnerability exists in Cisco Prime Infrastructure 1.2.0...