Multiple vulnerabilities in the web-based management interface of Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager (EPNM) could allow a remote attacker to obtain privileged information and conduct cross-site scripting (XSS) and cross-site request forgery (CSRF) attacks. For more information about these vulnerabilities, see the Details section of this advisory.
2023-04-05T18:15:07.803
2024-11-21T07:40:37.600
Modified
CVSSv3.1: 6.5 (MEDIUM)
Type | Vendor | Product | Version/Range | Vulnerable? |
---|---|---|---|---|
Application | cisco | prime_infrastructure | ≤ 3.7 | Yes |
Application | cisco | prime_infrastructure | < 3.10.2 | Yes |
Application | cisco | prime_infrastructure | 3.8 | Yes |
Application | cisco | prime_infrastructure | 3.8.1 | Yes |
Application | cisco | prime_infrastructure | 3.9 | Yes |
Application | cisco | prime_infrastructure | 3.9.1 | Yes |
Application | cisco | evolved_programmable_network_manager | < 5.0.2.5 | Yes |
Application | cisco | evolved_programmable_network_manager | < 5.1.4.2 | Yes |
Application | cisco | evolved_programmable_network_manager | < 6.0.2.1 | Yes |
Application | cisco | evolved_programmable_network_manager | < 6.1.1.1 | Yes |