Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
CiscoPrime Infrastructure

76 matches found

CVE
CVEadded 2021/09/02 3:15 a.m.45 views

CVE-2021-34733

A vulnerability in the CLI of Cisco Prime Infrastructure and Cisco Evolved Programmable Network (EPN) Manager could allow an authenticated, local attacker to access sensitive information stored on the underlying file system of an affected system. This vulnerability exists because sensitive informat...

5.5CVSS5.4AI score0.00047EPSS
CVE
CVEadded 2013/05/31 9:55 p.m.44 views

CVE-2013-1247

Cross-site scripting (XSS) vulnerability in the wireless configuration module in Cisco Prime Infrastructure allows remote attackers to inject arbitrary web script or HTML via an SSID that is not properly handled during display of the XML windowing table, aka Bug ID CSCuf04356.

4.3CVSS5.9AI score0.00296EPSS
CVE
CVEadded 2015/02/12 1:59 a.m.44 views

CVE-2014-2147

The web interface in Cisco Prime Infrastructure 2.1 and earlier does not properly restrict use of IFRAME elements, which makes it easier for remote attackers to conduct clickjacking attacks and unspecified other attacks via a crafted web site, related to a "cross-frame scripting (XFS)" issue, aka B...

4.3CVSS6.5AI score0.00422EPSS
CVE
CVEadded 2016/01/08 2:59 a.m.44 views

CVE-2015-6434

Cisco Prime Infrastructure does not properly restrict use of IFRAME elements, which makes it easier for remote attackers to conduct clickjacking attacks and unspecified other attacks via a crafted web site, related to a "cross-frame scripting (XFS)" issue, aka Bug ID CSCux64856.

6.1CVSS4.9AI score0.00243EPSS
CVE
CVEadded 2016/04/06 11:59 p.m.44 views

CVE-2016-1291

Cisco Prime Infrastructure 1.2.0 through 2.2(2) and Cisco Evolved Programmable Network Manager (EPNM) 1.2 allow remote attackers to execute arbitrary code via crafted deserialized data in an HTTP POST request, aka Bug ID CSCuw03192.

9.8CVSS9.6AI score0.02322EPSS
CVE
CVEadded 2017/04/07 5:59 p.m.44 views

CVE-2017-3884

A vulnerability in the web interface of Cisco Prime Infrastructure and Cisco Evolved Programmable Network (EPN) Manager could allow an authenticated, remote attacker to access sensitive data. The attacker does not need administrator credentials and could use this information to conduct additional r...

6.5CVSS6.3AI score0.00231EPSS
CVE
CVEadded 2019/05/16 1:29 a.m.43 views

CVE-2019-1825

A vulnerability in the web-based management interface of Cisco Prime Infrastructure (PI) and Cisco Evolved Programmable Network (EPN) Manager could allow an authenticated, remote attacker to execute arbitrary SQL queries. This vulnerability exist because the software improperly validates user-suppl...

8.1CVSS8.3AI score0.00334EPSS
CVE
CVEadded 2023/08/16 10:15 p.m.43 views

CVE-2023-20201

Multiple vulnerabilities in the web-based management interface of Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager (EPNM) could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface on an affected devic...

5.4CVSS5.1AI score0.0005EPSS
CVE
CVEadded 2024/01/17 5:15 p.m.43 views

CVE-2023-20271

A vulnerability in the web-based management interface of Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager (EPNM) could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system. This vulnerability is due to improper validation of user-su...

6.5CVSS6.6AI score0.00087EPSS
CVE
CVEadded 2015/02/12 1:59 a.m.42 views

CVE-2014-2152

Cross-site request forgery (CSRF) vulnerability in the INSERT page in Cisco Prime Infrastructure (PI) allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCun21868.

6.8CVSS7.4AI score0.00173EPSS
CVE
CVEadded 2015/08/25 1:59 a.m.42 views

CVE-2015-6262

Cross-site request forgery (CSRF) vulnerability in Cisco Prime Infrastructure 1.2(0.103) and 2.0(0.0) allows remote attackers to hijack the authentication of arbitrary users, aka Bug IDs CSCum49054 and CSCum49059.

6.8CVSS7.4AI score0.00107EPSS
CVE
CVEadded 2019/10/02 7:15 p.m.42 views

CVE-2019-12713

A vulnerability in the web-based management interface of Cisco Prime Infrastructure could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of the affected software. The vulnerability is due to insufficient ...

6.1CVSS6AI score0.00153EPSS
CVE
CVEadded 2023/04/05 6:15 p.m.41 views

CVE-2023-20129

Multiple vulnerabilities in the web-based management interface of Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager (EPNM) could allow a remote attacker to obtain privileged information and conduct cross-site scripting (XSS) and cross-site request forgery (CSRF) attacks. For...

6.5CVSS6.5AI score0.00133EPSS
CVE
CVEadded 2023/04/05 6:15 p.m.41 views

CVE-2023-20130

Multiple vulnerabilities in the web-based management interface of Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager (EPNM) could allow a remote attacker to obtain privileged information and conduct cross-site scripting (XSS) and cross-site request forgery (CSRF) attacks. For...

6.5CVSS6.5AI score0.00075EPSS
CVE
CVEadded 2015/02/12 1:59 a.m.40 views

CVE-2014-2153

Multiple cross-site scripting (XSS) vulnerabilities in INSERT pages in Cisco Prime Infrastructure allow remote attackers to inject arbitrary web script or HTML via unspecified parameters, aka Bug ID CSCun21869.

4.3CVSS5.9AI score0.00256EPSS
CVE
CVEadded 2015/10/13 12:59 a.m.40 views

CVE-2015-6332

Cisco Prime Infrastructure 2.2 allows remote attackers to cause a denial of service (daemon hang) by sending many SSL renegotiation requests, aka Bug ID CSCuv56830.

5CVSS7.4AI score0.00456EPSS
CVE
CVEadded 2016/03/03 10:59 p.m.40 views

CVE-2016-1359

Cisco Prime Infrastructure 3.0 allows remote authenticated users to execute arbitrary code via a crafted HTTP request that is mishandled during viewing of a log file, aka Bug ID CSCuw81494.

8.8CVSS8.6AI score0.00508EPSS
CVE
CVEadded 2023/04/05 6:15 p.m.40 views

CVE-2023-20131

Multiple vulnerabilities in the web-based management interface of Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager (EPNM) could allow a remote attacker to obtain privileged information and conduct cross-site scripting (XSS) and cross-site request forgery (CSRF) attacks. For...

6.5CVSS5.8AI score0.00113EPSS
CVE
CVEadded 2024/01/17 5:15 p.m.40 views

CVE-2023-20258

A vulnerability in the web-based management interface of Cisco Prime Infrastructure could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system. This vulnerability is due to improper processing of serialized Java objects by the affected application...

7.2CVSS7.3AI score0.00048EPSS
CVE
CVEadded 2014/12/20 12:59 a.m.39 views

CVE-2014-8007

Cisco Prime Infrastructure allows remote authenticated users to read device-discovery passwords by examining the HTML source code of the Quick Discovery options page, aka Bug ID CSCum00019.

4CVSS6.5AI score0.00176EPSS
CVE
CVEadded 2016/07/02 2:59 p.m.39 views

CVE-2016-1289

The API in Cisco Prime Infrastructure 1.2 through 3.0 and Evolved Programmable Network Manager (EPNM) 1.2 allows remote attackers to execute arbitrary code or obtain sensitive management information via a crafted HTTP request, as demonstrated by discovering managed-device credentials, aka Bug ID CS...

10CVSS9.5AI score0.06314EPSS
CVE
CVEadded 2018/10/05 2:29 p.m.38 views

CVE-2018-15433

A vulnerability in the server backup function of Cisco Prime Infrastructure could allow an authenticated, remote attacker to view sensitive information. The vulnerability is due to the transmission of sensitive information as part of a GET request. An attacker could exploit this vulnerability by se...

4.3CVSS4.4AI score0.00152EPSS
CVE
CVEadded 2016/07/02 2:59 p.m.37 views

CVE-2016-1408

Cisco Prime Infrastructure 1.2 through 3.1 and Evolved Programmable Network Manager (EPNM) 1.2 and 2.0 allow remote authenticated users to execute arbitrary commands or upload files via a crafted HTTP request, aka Bug ID CSCuz01488.

8.8CVSS8.7AI score0.00267EPSS
CVE
CVEadded 2016/10/27 9:59 p.m.37 views

CVE-2016-6443

A vulnerability in the Cisco Prime Infrastructure and Evolved Programmable Network Manager SQL database interface could allow an authenticated, remote attacker to impact system confidentiality by executing a subset of arbitrary SQL queries that can cause product instability. More Information: CSCva...

8.8CVSS8.6AI score0.0187EPSS
CVE
CVEadded 2016/04/06 11:59 p.m.35 views

CVE-2016-1290

The web API in Cisco Prime Infrastructure 1.2.0 through 2.2(2) and Cisco Evolved Programmable Network Manager (EPNM) 1.2 allows remote authenticated users to bypass intended RBAC restrictions and gain privileges via an HTTP request that is inconsistent with a pattern filter, aka Bug ID CSCuy10227.

8.1CVSS7.8AI score0.00165EPSS
CVE
CVEadded 2014/02/27 8:55 p.m.34 views

CVE-2014-0679

Cisco Prime Infrastructure 1.2 and 1.3 before 1.3.0.20-2, 1.4 before 1.4.0.45-2, and 2.0 before 2.0.0.0.294-2 allows remote authenticated users to execute arbitrary commands with root privileges via an unspecified URL, aka Bug ID CSCum71308.

9CVSS7.5AI score0.00613EPSS
Total number of security vulnerabilities76