Prime Network Registrar Security Vulnerabilities and Issues — Prime Network Registrar CVE List

Lucene search

CiscoPrime Network Registrar

8 matches found

CVE•added 2023/10/10 2:15 p.m.•4412 views

CVE-2023-44487

The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.

7.5CVSS8AI score0.94434EPSS

CVE•added 2020/03/04 7:15 p.m.•70 views

CVE-2020-3148

A vulnerability in the web-based interface of Cisco Prime Network Registrar (CPNR) could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an affected system. The vulnerability is due to insufficient CSRF protections in the web-based interface. An at...

7.1CVSS7.2AI score0.00306EPSS

CVE•added 2020/05/22 6:15 a.m.•41 views

CVE-2020-3272

A vulnerability in the DHCP server of Cisco Prime Network Registrar could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to insufficient input validation of incoming DHCP traffic. An attacker could exploit this ...

7.8CVSS7.4AI score0.00358EPSS

CVE•added 2019/04/18 2:29 a.m.•40 views

CVE-2019-1840

A vulnerability in the DHCPv6 input packet processor of Cisco Prime Network Registrar could allow an unauthenticated, remote attacker to restart the server and cause a denial of service (DoS) condition on the affected system. The vulnerability is due to incomplete user-supplied input validation whe...

8.6CVSS7.9AI score0.00543EPSS

CVE•added 2017/04/20 10:59 p.m.•38 views

CVE-2017-6613

A vulnerability in the DNS input packet processor for Cisco Prime Network Registrar could allow an unauthenticated, remote attacker to cause the DNS process to momentarily restart, which could lead to a partial denial of service (DoS) condition on the affected system. The vulnerability is due to in...

5.8CVSS5.7AI score0.00292EPSS

CVE•added 2016/06/18 1:59 a.m.•37 views

CVE-2016-1427

The System Configuration Protocol (SCP) core messaging interface in Cisco Prime Network Registrar 8.2 before 8.2.3.1 and 8.3 before 8.3.2 allows remote attackers to obtain sensitive information via crafted SCP messages, aka Bug ID CSCuv35694.

7.5CVSS7.2AI score0.00617EPSS

CVE•added 2015/09/18 10:59 p.m.•33 views

CVE-2015-6296

Cisco Prime Network Registrar (CPNR) 8.1(3.3), 8.2(3), and 8.3(2) has a default account, which allows local users to obtain root access by leveraging knowledge of the credentials, aka Bug ID CSCuw21825.

7.2CVSS6.5AI score0.00093EPSS

CVE•added 2013/11/27 4:43 a.m.•31 views

CVE-2013-3394

Cross-site scripting (XSS) vulnerability in the web interface in Cisco Prime Network Registrar 8.1 and earlier allows remote attackers to inject arbitrary web script or HTML via a crafted field, aka Bug ID CSCuh41429.

4.3CVSS5.8AI score0.00248EPSS