The vulnerability in the web interface of the Cisco Prime Infrastructure monitoring and management system, as well as the Cisco Evolved Programmable Network Manager (EPNM) software for managing network services, allows a attacker to carry out a cross-site scripting attack.

The vulnerability of the web interface for managing Cisco Prime Infrastructure network equipment and the Cisco Evolved Programmable Network Manager EPNM software relates to insufficient data cleaning provided by users. Exploiting this vulnerability allows a malicious actor to carry out XSS attack...

The vulnerability in the web interface of the Cisco Prime Infrastructure monitoring and management system, as well as the Cisco Evolved Programmable Network Manager (EPNM) software for managing network services, allows a attacker to carry out cross-site scripting attacks.

The vulnerability of the web interface for managing Cisco Prime Infrastructure network equipment and the Cisco Evolved Programmable Network Manager EPNM software relates to insufficient data cleaning provided by users. Exploiting this vulnerability allows a malicious actor to carry out XSS attack...

The vulnerability of the web-server of the programmable logical controller ioLogik, related to deficiencies in access control, allows a intruder to gain unauthorized access to confidential data.

The vulnerability of the web-server-based programmable logic controller ioLogik is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to confidential data...

Cisco Evolved Programmable Network Manager XSS (cisco-sa-pi-epnm-BFjSRJP5)

The version of Cisco Evolved Programmable Network Manager installed on the remote host is prior to 7.1. It is, therefore, affected by a cross-site scripting XSS vulnerability. Due to insufficient validation of user input, an authenticated, remote attacker can, by persuading a user of the affected...

The vulnerability in the web interface of the Cisco Prime Infrastructure monitoring and management system, as well as the Cisco Evolved Programmable Network Manager (EPNM), allows a attacker to execute XSS attacks and execute arbitrary code.

The vulnerability affects the web interface of the Cisco Prime Infrastructure monitoring and management system, as well as the Cisco Evolved Programmable Network Manager EPNM software for managing network services. Exploiting this vulnerability allows a remote attacker to execute XSS attacks and...

CVE-2023-20205

Multiple vulnerabilities in the web-based management interface of Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager EPNM could allow an authenticated, remote attacker to conduct a stored cross-site scripting XSS attack against a user of the interface on an affected device...

CVE-2023-20203

Multiple vulnerabilities in the web-based management interface of Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager EPNM could allow an authenticated, remote attacker to conduct a stored cross-site scripting XSS attack against a user of the interface on an affected device...

CVE-2023-20222

A vulnerability in the web-based management interface of Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager EPNM could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the interface on an affected device. The...

CVE-2023-20201

Multiple vulnerabilities in the web-based management interface of Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager EPNM could allow an authenticated, remote attacker to conduct a stored cross-site scripting XSS attack against a user of the interface on an affected device...

Cross site scripting

A vulnerability in the web-based management interface of Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager EPNM could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the interface on an affected device. The...

Cisco Prime Infrastructure and Evolved Programmable Network Manager Stored Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager EPNM could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the interface on an affected device. The...

Cisco Evolved Programmable Network Manager 跨站脚本漏洞

Cisco Evolved Programmable Network Manager is a network management solution from Cisco. A security vulnerability exists in Cisco Evolved Programmable Network Manager that stems from insufficient validation of user-provided input, which could allow an authenticated, remote attacker to conduct a...

Cisco Evolved Programmable Network Manager 跨站脚本漏洞

Cisco Evolved Programmable Network Manager is a network management solution from Cisco. A security vulnerability exists in Cisco Evolved Programmable Network Manager that stems from insufficient validation of user-provided input, which could allow an authenticated, remote attacker to conduct a...

PT-2023-4585 · Cisco · Cisco Evolved Programmable Network Manager +1

Name of the Vulnerable Software and Affected Versions: Cisco Prime Infrastructure affected versions not specified Cisco Evolved Programmable Network Manager EPNM affected versions not specified Description: The issue is related to insufficient validation of user-supplied input in the web-based...

PT-2023-4433 · Cisco · Cisco Evolved Programmable Network Manager +1

Name of the Vulnerable Software and Affected Versions: Cisco Prime Infrastructure affected versions not specified Cisco Evolved Programmable Network Manager EPNM affected versions not specified Description: A vulnerability in the web-based management interface could allow an unauthenticated, remo...

The vulnerability of the HCI interface, which operates according to the IEC 60870-5-104 standard, and the programmable logic controllers Hitachi Energy RTU500, allows a intruder to trigger a service failure.

The vulnerability of the HCI interface, which operates according to the IEC 60870-5-104 standard, in the Hitachi Energy RTU500 programmable logic controllers is related to buffer overflow in the stack. Exploiting this vulnerability could allow a remote attacker to cause a service failure...

The vulnerabilities of the microprogramming software for Honeywell Experion PKS programmable logic controllers, the measurement and computing controllers Experion LX, and the distribution control system Experion PlantCruise allow a intruder to execute arbitrary code.

The vulnerability of microprogrammed software in Honeywell Experion PKS programmable logic controllers, as well as in measurement and control controllers Experion LX, and the distribution control system Experion PlantCruise, is related to buffer overflow in dynamic memory. Exploiting this...

The vulnerabilities of the microprogramming software for Honeywell Experion PKS programmable logic controllers, the measurement and computing controllers Experion LX, and the distribution control system Experion PlantCruise allow a intruder to execute arbitrary code.

The vulnerabilities of microprogrammed software in Honeywell Experion PKS programmable logic controllers, Experion LX measurement and control controllers, and the Experion PlantCruise distribution control system are related to the restoration of unreliable data in memory. Exploiting these...

The vulnerabilities of the microprogramming software for Honeywell Experion PKS programmable logic controllers, the measurement and computing controllers Experion LX, and the distribution control system Experion PlantCruise allow a intruder to execute arbitrary code.

The vulnerability of microprogrammed software in Honeywell Experion PKS programmable logic controllers, Experion LX measurement and control controllers, and Experion PlantCruise distribution systems is related to buffer overflow in the stack. Exploiting this vulnerability could allow an attacker...

The vulnerability of FTP servers of microprogrammed logic controllers such as MELSEC RJ71EIP91, SW1DNN-EIPCT-BD, FX5-ENET/IP, and SW1DNN-EIPCTFX5-BD allows attackers to compromise the target system.

The vulnerability of FTP servers of microprogrammed logic controllers such as MELSEC RJ71EIP91, SW1DNN-EIPCT-BD, FX5-ENET/IP, and SW1DNN-EIPCTFX5-BD lies in the ability to download files of a dangerous type without limitation. Exploiting this vulnerability can allow an attacker to compromise the...