PT-2023-4433 · Cisco · Cisco Evolved Programmable Network Manager +1

Name of the Vulnerable Software and Affected Versions: Cisco Prime Infrastructure affected versions not specified Cisco Evolved Programmable Network Manager EPNM affected versions not specified Description: A vulnerability in the web-based management interface could allow an unauthenticated, remo...

CVE-2023-33965 Brook's tproxy server is vulnerable to a drive-by command injection.

Brook is a cross-platform programmable network tool. The tproxy server is vulnerable to a drive-by command injection. An attacker may fool a victim into visiting a malicious web page which will trigger requests to the local tproxy service leading to remote code execution. A patch is available in...

The vulnerabilities of the closed software environment of Cisco Evolved Programmable Network Manager, the Cisco Identity Services Engine, the Cisco Prime Infrastructure – systems for monitoring and managing network equipment – allow attackers to escalate their privileges.

The vulnerability of the closed-programming environment of Cisco Evolved Programmable Network Manager, the Cisco Identity Services Engine, and the Cisco Prime Infrastructure system for network monitoring and management exists due to the lack of measures taken to neutralize special elements used i...

Cisco Evolved Programmable Network Manager Multiple Vulnerabilities (cisco-sa-pi-epnm-eRPWAXLe)

The version of Cisco Evolved Programmable Network EPN Manager installed on the remote host is prior to 5.0.2.5, 5.1.4.3, 6.0.2.1 or 6.1.1.1. It is, therefore, affected by multiple vulnerabilities as referenced in the cisco-sa-pi-epnm-eRPWAXLe advisory: - A cross-site scripting XSS vulnerability i...

CVE-2023-20122

Multiple vulnerabilities in the restricted shell of Cisco Evolved Programmable Network Manager EPNM, Cisco Identity Services Engine ISE, and Cisco Prime Infrastructure could allow an authenticated, local attacker to escape the restricted shell and gain root privileges on the underlying operating...

CVE-2023-20131

Multiple vulnerabilities in the web-based management interface of Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager EPNM could allow a remote attacker to obtain privileged information and conduct cross-site scripting XSS and cross-site request forgery CSRF attacks. For mor...

CVE-2023-20122

Multiple vulnerabilities in the restricted shell of Cisco Evolved Programmable Network Manager EPNM, Cisco Identity Services Engine ISE, and Cisco Prime Infrastructure could allow an authenticated, local attacker to escape the restricted shell and gain root privileges on the underlying operating...

CVE-2023-20131

Multiple vulnerabilities in the web-based management interface of Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager EPNM could allow a remote attacker to obtain privileged information and conduct cross-site scripting XSS and cross-site request forgery CSRF attacks. For mor...

Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager Vulnerabilities

Multiple vulnerabilities in the web-based management interface of Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager EPNM could allow a remote attacker to obtain privileged information and conduct cross-site scripting XSS and cross-site request forgery CSRF attacks. For mor...

Cisco Prime Infrastructure 安全漏洞

Cisco Prime Infrastructure is a software application from Cisco USA. It is used to simplify the management of wireless and wired networks. A security vulnerability exists in Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager, which can be exploited by remote attackers to...

Cisco Prime Infrastructure和Cisco Evolved Programmable Network Manager 跨站脚本漏洞

Cisco Evolved Programmable Network Manager and Cisco Prime Infrastructure are both products of Cisco Corporation.Cisco Evolved Programmable Network Manager is a network management Cisco Prime Infrastructure is a software application. Cisco Prime Infrastructure is a software application used to...

Cisco Prime Infrastructure 路径遍历漏洞

Cisco Prime Infrastructure is a software application from Cisco USA. It is used to simplify the management of wireless and wired networks. A security vulnerability exists in Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager, which can be exploited by remote attackers to...

Cisco Prime Infrastructure 跨站请求伪造漏洞

Cisco Prime Infrastructure is a software application from Cisco USA. It is used to simplify the management of wireless and wired networks. A security vulnerability exists in Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager, which can be exploited by remote attackers to...

CVE-2023-20131 Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager Vulnerabilities

Multiple vulnerabilities in the web-based management interface of Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager EPNM could allow a remote attacker to obtain privileged information and conduct cross-site scripting XSS and cross-site request forgery CSRF attacks. For mor...

PT-2023-2178 · Cisco · Cisco Evolved Programmable Network Manager +1

Name of the Vulnerable Software and Affected Versions: Cisco Prime Infrastructure affected versions not specified Cisco Evolved Programmable Network Manager EPNM affected versions not specified Description: The issue is related to the web-based management interface of the affected systems, allowi...

PT-2023-2211 · Cisco · Cisco Prime Infrastructure +1

Name of the Vulnerable Software and Affected Versions: Cisco Prime Infrastructure affected versions not specified Cisco Evolved Programmable Network Manager EPNM affected versions not specified Description: The issue is related to multiple vulnerabilities in the web-based management interface,...

PT-2023-2175 · Cisco · Cisco Prime Infrastructure +1

Name of the Vulnerable Software and Affected Versions: Cisco Prime Infrastructure affected versions not specified Cisco Evolved Programmable Network Manager EPNM affected versions not specified Description: The issue is related to multiple vulnerabilities in the web-based management interface,...

PT-2023-2199 · Cisco · Cisco Identity Services Engine +2

Name of the Vulnerable Software and Affected Versions: Cisco Evolved Programmable Network Manager affected versions not specified Cisco Identity Services Engine affected versions not specified Cisco Prime Infrastructure affected versions not specified Description: The issue is related to multiple...

CVE-2023-20131 Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager Vulnerabilities

Multiple vulnerabilities in the web-based management interface of Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager EPNM could allow a remote attacker to obtain privileged information and conduct cross-site scripting XSS and cross-site request forgery CSRF attacks. For mor...

Cisco Evolved Programmable Network Manager Stored XSS (cisco-sa-cisco-pi-epnm-xss-mZShH2J)

The version of Cisco Evolved Programmable Network Manager installed on the remote host is prior to 7.0. It is, therefore, affected by a cross-site scripting XSSvulnerability as referenced in the cisco-sa-cisco-pi-epnm-xss-mZShH2J advisory. This vulnerability is due to insufficient validation of...