Search criteria
144 vulnerabilities found for evolved_programmable_network_manager by cisco
FKIE_CVE-2025-20280
Vulnerability from fkie_nvd - Published: 2025-09-03 18:15 - Updated: 2025-09-09 18:20
Severity ?
Summary
A vulnerability in the web-based management interface of Cisco Evolved Programmable Network Manager (EPNM) and Cisco Prime Infrastructure could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against users of the interface of an affected system.
This vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attacker could exploit this vulnerability by inserting malicious code into specific data fields in the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. To exploit this vulnerability, an attacker must have valid administrative credentials.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | evolved_programmable_network_manager | * | |
| cisco | evolved_programmable_network_manager | 8.1.0 | |
| cisco | prime_infrastructure | * | |
| cisco | prime_infrastructure | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "27966907-6AA4-469C-9F61-F7313444B8DE",
"versionEndIncluding": "8.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:8.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "30C9B83D-54D0-4C11-BD6F-542DF7CBE6C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7FE6C1B6-F6DE-45A5-908A-8ADA588DDA52",
"versionEndIncluding": "3.9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4FBEDB40-E752-4649-8E93-1C281921581D",
"versionEndIncluding": "3.10.6",
"versionStartIncluding": "3.10",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco Evolved Programmable Network Manager (EPNM) and Cisco Prime Infrastructure could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against users of the interface of an affected system.\r\n\r\nThis vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attacker could exploit this vulnerability by inserting malicious code into specific data fields in the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. To exploit this vulnerability, an attacker must have valid administrative credentials."
}
],
"id": "CVE-2025-20280",
"lastModified": "2025-09-09T18:20:44.523",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7,
"source": "psirt@cisco.com",
"type": "Primary"
}
]
},
"published": "2025-09-03T18:15:33.153",
"references": [
{
"source": "psirt@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-epnm-pi-stored-xss-XjQZsyCP"
}
],
"sourceIdentifier": "psirt@cisco.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "psirt@cisco.com",
"type": "Primary"
}
]
}
FKIE_CVE-2025-20287
Vulnerability from fkie_nvd - Published: 2025-09-03 18:15 - Updated: 2025-09-09 18:11
Severity ?
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
A vulnerability in the web-based management interface of Cisco Evolved Programmable Network Manager (EPNM) could allow an authenticated, remote attacker to upload arbitrary files to an affected device.
This vulnerability is due to improper validation of files that are uploaded to the web-based management interface. An attacker could exploit this vulnerability by sending a crafted file upload request to a specific API endpoint. A successful exploit could allow the attacker to upload arbitrary files to an affected system. To exploit this vulnerability, an attacker must have at least valid Config Managers credentials on the affected device.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | evolved_programmable_network_manager | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "27966907-6AA4-469C-9F61-F7313444B8DE",
"versionEndIncluding": "8.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco Evolved Programmable Network Manager (EPNM) could allow an authenticated, remote attacker to upload arbitrary files to an affected device.\r\n\r\nThis vulnerability is due to improper validation of files that are uploaded to the web-based management interface. An attacker could exploit this vulnerability by sending a crafted file upload request to a specific API endpoint. A successful exploit could allow the attacker to upload arbitrary files to an affected system. To exploit this vulnerability, an attacker must have at least valid Config Managers credentials on the affected device."
}
],
"id": "CVE-2025-20287",
"lastModified": "2025-09-09T18:11:59.287",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4,
"source": "psirt@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2025-09-03T18:15:33.373",
"references": [
{
"source": "psirt@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-epni-arb-file-upload-jjdM2P83"
}
],
"sourceIdentifier": "psirt@cisco.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-434"
}
],
"source": "psirt@cisco.com",
"type": "Primary"
}
]
}
FKIE_CVE-2025-20270
Vulnerability from fkie_nvd - Published: 2025-09-03 18:15 - Updated: 2025-09-09 18:15
Severity ?
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Summary
A vulnerability in the web-based management interface of Cisco Evolved Programmable Network Manager (EPNM) and Cisco Prime Infrastructure could allow an authenticated, remote attacker to obtain sensitive information from an affected system.
This vulnerability is due to improper validation of requests to API endpoints. An attacker could exploit this vulnerability by sending a valid request to a specific API endpoint within the affected system. A successful exploit could allow a low-privileged user to view sensitive configuration information on the affected system that should be restricted. To exploit this vulnerability, an attacker must have access as a low-privileged user.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "84F5F61E-2191-453B-94BE-1C7130ADE49B",
"versionEndIncluding": "7.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "38A9179A-6A39-4BF9-8E7A-62FBDC999F09",
"versionEndExcluding": "8.0.1",
"versionStartIncluding": "8.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "46632B31-3AF7-4E70-A5A3-5339F83C8B6E",
"versionEndExcluding": "8.1.2",
"versionStartIncluding": "8.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7FE6C1B6-F6DE-45A5-908A-8ADA588DDA52",
"versionEndIncluding": "3.9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4FBEDB40-E752-4649-8E93-1C281921581D",
"versionEndIncluding": "3.10.6",
"versionStartIncluding": "3.10",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco Evolved Programmable Network Manager (EPNM) and Cisco Prime Infrastructure could allow an authenticated, remote attacker to obtain sensitive information from an affected system.\r\n\r\nThis vulnerability is due to improper validation of requests to API endpoints. An attacker could exploit this vulnerability by sending a valid request to a specific API endpoint within the affected system. A successful exploit could allow a low-privileged user to view sensitive configuration information on the affected system that should be restricted. To exploit this vulnerability, an attacker must have access as a low-privileged user.\u0026nbsp;\u0026nbsp;"
}
],
"id": "CVE-2025-20270",
"lastModified": "2025-09-09T18:15:53.293",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4,
"source": "psirt@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2025-09-03T18:15:32.900",
"references": [
{
"source": "psirt@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-epnm-info-dis-zhPPMfgz"
}
],
"sourceIdentifier": "psirt@cisco.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "psirt@cisco.com",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2025-20269
Vulnerability from fkie_nvd - Published: 2025-08-20 17:15 - Updated: 2025-09-10 14:18
Severity ?
Summary
A vulnerability in the web-based management interface of Cisco Evolved Programmable Network Manager (EPNM) and Cisco Prime Infrastructure could allow an authenticated, low-privileged, remote attacker to retrieve arbitrary files from the underlying file system on an affected device.
This vulnerability is due to insufficient input validation for specific HTTP requests. An attacker could exploit this vulnerability by sending crafted HTTP requests to the web-based management interface on an affected device. A successful exploit could allow the attacker to access sensitive files from the affected device.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | evolved_programmable_network_manager | * | |
| cisco | evolved_programmable_network_manager | 8.0.0 | |
| cisco | evolved_programmable_network_manager | 8.1.0 | |
| cisco | prime_infrastructure | * | |
| cisco | prime_infrastructure | * | |
| cisco | prime_infrastructure | 3.10.6 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "84F5F61E-2191-453B-94BE-1C7130ADE49B",
"versionEndIncluding": "7.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:8.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C5F604FB-CB3E-42FF-8C2E-B234BCCA20F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:8.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "30C9B83D-54D0-4C11-BD6F-542DF7CBE6C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7FE6C1B6-F6DE-45A5-908A-8ADA588DDA52",
"versionEndIncluding": "3.9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4FBEDB40-E752-4649-8E93-1C281921581D",
"versionEndIncluding": "3.10.6",
"versionStartIncluding": "3.10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.10.6:security_update_01:*:*:*:*:*:*",
"matchCriteriaId": "3A33A68B-7264-44F1-AF87-992FBA582FA6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco Evolved Programmable Network Manager (EPNM) and Cisco Prime Infrastructure could allow an authenticated, low-privileged, remote attacker to retrieve arbitrary files from the underlying file system on an affected device.\r\n\r\nThis vulnerability is due to insufficient input validation for specific HTTP requests. An attacker could exploit this vulnerability by sending crafted HTTP requests to the web-based management interface on an affected device. A successful exploit could allow the attacker to access\u0026nbsp;sensitive files from the affected device."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la interfaz de administraci\u00f3n web de Cisco Evolved Programmable Network Manager (EPNM) y Cisco Prime Infrastructure podr\u00eda permitir que un atacante remoto autenticado y con pocos privilegios obtenga archivos arbitrarios del sistema de archivos subyacente de un dispositivo afectado. Esta vulnerabilidad se debe a una validaci\u00f3n de entrada insuficiente para solicitudes HTTP espec\u00edficas. Un atacante podr\u00eda explotar esta vulnerabilidad enviando solicitudes HTTP manipuladas a la interfaz de administraci\u00f3n web de un dispositivo afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante acceder a archivos confidenciales del dispositivo afectado. "
}
],
"id": "CVE-2025-20269",
"lastModified": "2025-09-10T14:18:23.027",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "psirt@cisco.com",
"type": "Primary"
}
]
},
"published": "2025-08-20T17:15:34.647",
"references": [
{
"source": "psirt@cisco.com",
"tags": [
"Permissions Required",
"Product"
],
"url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvd36820"
},
{
"source": "psirt@cisco.com",
"tags": [
"Not Applicable"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-smi2"
},
{
"source": "psirt@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-pi-epnm-TET4GxBX"
},
{
"source": "psirt@cisco.com",
"tags": [
"Not Applicable"
],
"url": "https://sec.cloudapps.cisco.com/security/center/viewErp.x?alertId=ERP-66682"
}
],
"sourceIdentifier": "psirt@cisco.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-73"
}
],
"source": "psirt@cisco.com",
"type": "Primary"
}
]
}
FKIE_CVE-2025-20272
Vulnerability from fkie_nvd - Published: 2025-07-16 17:15 - Updated: 2025-07-31 15:15
Severity ?
Summary
A vulnerability in a subset of REST APIs of Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager (EPNM) could allow an authenticated, low-privileged, remote attacker to conduct a blind SQL injection attack.
This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending a crafted request to an affected API. A successful exploit could allow the attacker to view data in some database tables on an affected device.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "64393984-EE5D-4EDD-B409-D5D09DA8933C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:2.0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "F77EAEEB-21B8-4E72-9129-782DF30E4624",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:2.0.39:*:*:*:*:*:*:*",
"matchCriteriaId": "C92892CA-CBEA-40AA-9255-69CD85813592",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "867EA718-9DDD-4218-8A65-C637458CB457",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:2.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7678B118-E00C-4B1E-8B40-D3233DE3615C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:2.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5EADD53A-CCEA-44B3-B825-8311CBD2C088",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:2.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "26172E3A-1963-4D1B-B0D2-D3323448CF0B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:2.1.56:*:*:*:*:*:*:*",
"matchCriteriaId": "B9E5B368-C2FF-402F-B636-51F4D74C218D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "56394A07-6D74-4588-8C05-DE04959F7FC7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:2.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7785C295-46BA-4803-9CDE-7838931DACBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:2.2.1:-:*:*:*:*:*:*",
"matchCriteriaId": "CAB27D0C-8530-4672-82E3-9765E17EE60B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:2.2.1:update01:*:*:*:*:*:*",
"matchCriteriaId": "ABC8CDDF-FCBA-4795-A65D-11A64E846647",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:2.2.2:-:*:*:*:*:*:*",
"matchCriteriaId": "D1C9FD43-FA29-457C-AEE5-298B32D52733",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:2.2.2:update03:*:*:*:*:*:*",
"matchCriteriaId": "4634820E-5D21-4A8A-AA53-9F2D55E8D84D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:2.2.2:update04:*:*:*:*:*:*",
"matchCriteriaId": "EFDE4B1F-4B66-4121-AB09-23DD7693A685",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:2.2.3:-:*:*:*:*:*:*",
"matchCriteriaId": "0CB4B2E5-BC01-4B0B-9DDF-1AC1F80485D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:2.2.3:update02:*:*:*:*:*:*",
"matchCriteriaId": "FD6DE143-92B8-494D-9AD7-26DE51594A15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:2.2.3:update03:*:*:*:*:*:*",
"matchCriteriaId": "2460BCA0-DC63-44DF-8487-398AADCD6E21",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:2.2.3:update04:*:*:*:*:*:*",
"matchCriteriaId": "6576E2D3-108E-4A97-9B6D-2414126A771B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:2.2.3:update05:*:*:*:*:*:*",
"matchCriteriaId": "E63ED095-1E50-4194-9289-24D2E91D040C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:2.2.3:update06:*:*:*:*:*:*",
"matchCriteriaId": "B3FABE9E-AF4D-4526-A709-69AA7ED349CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:2.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "54D9E3FB-AD79-498D-918A-7C97BA1DD492",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:2.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "0B7C8E1B-A85D-4EFC-9886-F984E2A7A4E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:2.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "8559E064-93BC-4B54-BBF1-AE3A4B236B83",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:2.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "ACA6E2EC-F10C-43D1-BCF2-C040D7F1B305",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:2.2.9:*:*:*:*:*:*:*",
"matchCriteriaId": "8EF98F43-771F-41A3-8F7A-13076D602A36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:2.2.10:*:*:*:*:*:*:*",
"matchCriteriaId": "54E6140D-C998-4443-84AB-4F4ADC4B72B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F0FFBC94-50A0-4257-A2E4-4D2F45972706",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B02E716A-9A50-4DF3-8245-655E339F633C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E6A12E50-6F9B-46CF-9F3F-4E234CB61476",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "47E34F81-BBDF-4294-9F51-5C9B6B475A75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "27FCE53D-43B6-41A3-B374-3EA2F6B14C63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "56D96F2E-D32A-458A-B221-3CF68BA2FB39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "7124F999-450D-479F-9F9B-C566A611318F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "CAA816E0-7306-4254-B744-C595A0E0EC8F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.1:device_pack10:*:*:*:*:*:*",
"matchCriteriaId": "EA0E0381-2EC4-4B77-9279-A4A50E0FBF9C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.1:device_pack11:*:*:*:*:*:*",
"matchCriteriaId": "3FA02B4C-5915-4253-8447-995FE3878F4E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.1:device_pack12:*:*:*:*:*:*",
"matchCriteriaId": "06E572CF-2CF4-4F09-AA16-C936E9AFA192",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.1:device_pack13:*:*:*:*:*:*",
"matchCriteriaId": "5C0D6B9A-B1A9-4E50-BFD7-84F9AA1A7F8F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.1:device_pack14:*:*:*:*:*:*",
"matchCriteriaId": "C1D1E78E-C4A6-47E4-9540-8DA606972D1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.1:device_pack15:*:*:*:*:*:*",
"matchCriteriaId": "81EA7914-211B-46C2-92EA-F982FFCFE9D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.1:device_pack16:*:*:*:*:*:*",
"matchCriteriaId": "5BA99BE2-3679-43CF-98EE-8206491AFD64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.1:device_pack4:*:*:*:*:*:*",
"matchCriteriaId": "C35E075A-784E-43F8-86FA-AA05E589A5E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.1:device_pack5:*:*:*:*:*:*",
"matchCriteriaId": "A2A5986F-0ECD-4522-972D-0A19AC34E449",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.1:device_pack6:*:*:*:*:*:*",
"matchCriteriaId": "98CDAF8A-3D4F-458C-965E-104E3A46BDFA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.1:device_pack7:*:*:*:*:*:*",
"matchCriteriaId": "1938AB2B-2F6B-4493-8789-3319A8956BCC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.1:device_pack8:*:*:*:*:*:*",
"matchCriteriaId": "CE0FFCC7-E364-4B24-ABC2-F5AE1B168C86",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.1:device_pack9:*:*:*:*:*:*",
"matchCriteriaId": "FA9AD8F9-D8D8-43C4-8D5A-D4164E3BE112",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4185137A-20E6-48EB-8E77-077F2A59AB27",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "BBD9A93C-FE79-4323-BBF1-F9B2CD559570",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4B35B1DC-B09B-4901-A09E-3DC9A3D72FC2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D41817A2-8B83-48E8-AEA6-33488BA55B7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "BC9D0F39-43DA-40EF-AFC7-A1D97304ED38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "DD2DE754-6638-415C-AE38-567D4465747A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "EF85F2F6-6C5F-4707-9BB7-AE8565D17238",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "79E64F9D-E85F-497F-8D2A-DC04DC89CB7E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.2:-:*:*:*:*:*:*",
"matchCriteriaId": "3A2BDE58-6229-4A08-AF17-F41110EB8CAF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.2:device_pack1:*:*:*:*:*:*",
"matchCriteriaId": "8C766DB5-4EDB-4FD4-A098-6CC6FEEF84A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.2:device_pack2:*:*:*:*:*:*",
"matchCriteriaId": "4D65342D-2534-497E-B6BE-6ACBDF0CB8E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.2:device_pack3:*:*:*:*:*:*",
"matchCriteriaId": "A1E60B96-5AB6-43E6-A1A7-C1C1817E54B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.2:device_pack4:*:*:*:*:*:*",
"matchCriteriaId": "644B3480-97D0-439F-8666-E28626542B15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.2.0-fips:*:*:*:*:*:*:*",
"matchCriteriaId": "7DDB2BBF-DA7D-4DCD-9997-564F0FACFC71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "89963594-03CA-412A-A03C-A88480364EDA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1F868D71-1E81-4A67-854C-8C98AD4A0D3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.3:device_pack1:*:*:*:*:*:*",
"matchCriteriaId": "48BA374B-1CB7-4366-A56A-67401AA44D4F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.3:device_pack2:*:*:*:*:*:*",
"matchCriteriaId": "45BC31AB-146B-4B14-B28F-FBCBAC4A30C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.3:device_pack3:*:*:*:*:*:*",
"matchCriteriaId": "0F0670D9-89F8-4595-B7BD-E50BBCEAF41C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.3:device_pack4:*:*:*:*:*:*",
"matchCriteriaId": "CAC83DB6-FA40-4840-BA1E-AD49E0FE1266",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.3.0:-:*:*:*:*:*:*",
"matchCriteriaId": "86044D17-2855-4C60-8E29-73F65A0ECC54",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.3.0:update01:*:*:*:*:*:*",
"matchCriteriaId": "C68C71CF-A076-4D69-BF6C-C362B6E448E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "39804A21-0999-4E14-8F9D-9F7FD1073B79",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.4:device_pack1:*:*:*:*:*:*",
"matchCriteriaId": "C8E3FAB1-B6B4-4190-BD2B-F0187B836B95",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.4:device_pack10:*:*:*:*:*:*",
"matchCriteriaId": "158E229F-F867-42A7-8324-4C6476858F68",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.4:device_pack11:*:*:*:*:*:*",
"matchCriteriaId": "E29F5A37-9AE0-4723-A5F8-8CBCDDE84D63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.4:device_pack2:*:*:*:*:*:*",
"matchCriteriaId": "6555C79F-4E72-4F9A-BDE4-9B7D911D533F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.4:device_pack3:*:*:*:*:*:*",
"matchCriteriaId": "201AB5ED-75D3-4955-A5BB-CEB4B1AF5A6B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.4:device_pack4:*:*:*:*:*:*",
"matchCriteriaId": "997BDD6A-1615-46B0-8157-73B7B679BD46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.4:device_pack5:*:*:*:*:*:*",
"matchCriteriaId": "2AC8FE53-D41F-41A2-9F14-661066B98C11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.4:device_pack6:*:*:*:*:*:*",
"matchCriteriaId": "47485BFB-3A08-492E-8DA2-33AEEBA4EA30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.4:device_pack7:*:*:*:*:*:*",
"matchCriteriaId": "E37B1B4A-3151-410D-B7FE-470B7671DAC2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.4:device_pack8:*:*:*:*:*:*",
"matchCriteriaId": "26CB9171-B5E9-47F2-8B53-5CF8A27457B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.4:device_pack9:*:*:*:*:*:*",
"matchCriteriaId": "0DD9243A-95AB-4F6C-BBF1-FDA7D6D3B873",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FDE385F7-C743-4BF0-BA6F-DB335E791912",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.4.1:-:*:*:*:*:*:*",
"matchCriteriaId": "A90E72A0-0E08-4C82-A60A-4EFB8CAB318A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.4.1:update01:*:*:*:*:*:*",
"matchCriteriaId": "2CC00B0F-3523-4F4A-B161-AAF1801A3774",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.4.1:update02:*:*:*:*:*:*",
"matchCriteriaId": "519CBBDE-52E0-4298-A9AC-D1128418FF2C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.4.2:-:*:*:*:*:*:*",
"matchCriteriaId": "B17FBF2F-FCE4-4D1E-BD21-5CD048DEFF2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.4.2:update01:*:*:*:*:*:*",
"matchCriteriaId": "2E40D55B-F582-45C5-996B-2AFC0E69E96B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.5:device_pack1:*:*:*:*:*:*",
"matchCriteriaId": "C7D036FB-69EC-40EE-8DDD-A4E066AFDD50",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.5:device_pack2:*:*:*:*:*:*",
"matchCriteriaId": "ECDD0096-0280-4F07-9EE9-C01322F117D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.5:device_pack3:*:*:*:*:*:*",
"matchCriteriaId": "31636942-878E-4A89-8F96-AC607284EE36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.5:device_pack4:*:*:*:*:*:*",
"matchCriteriaId": "582B81B5-2C6B-4B0E-86DC-6FA3B1605E56",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.5.0:-:*:*:*:*:*:*",
"matchCriteriaId": "D68AC23D-4212-48F8-8894-DA0233A2BD6B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.5.0:update01:*:*:*:*:*:*",
"matchCriteriaId": "4AEF56A6-21AA-4BF1-BE3F-113DABD76B00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.5.0:update02:*:*:*:*:*:*",
"matchCriteriaId": "22B1A35F-C510-4CC2-89A1-8DD68EC33A74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.5.0:update03:*:*:*:*:*:*",
"matchCriteriaId": "8B6317B8-8B5C-4B4A-9ED6-F66E161C6196",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.5.1:-:*:*:*:*:*:*",
"matchCriteriaId": "B42BA02D-F4DE-49E0-AFA2-1D4C9A478611",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.5.1:update01:*:*:*:*:*:*",
"matchCriteriaId": "77635D04-25B1-46A8-9B59-82A77C251574",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.5.1:update02:*:*:*:*:*:*",
"matchCriteriaId": "01F4CF5B-AF03-4F88-BE46-819FC377657F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.5.1:update03:*:*:*:*:*:*",
"matchCriteriaId": "B902E76C-8444-4E39-8A99-2FC3D4B28919",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.6:device_pack1:*:*:*:*:*:*",
"matchCriteriaId": "8464BDA1-5243-4E82-9F93-98B8A1565940",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.6.0:-:*:*:*:*:*:*",
"matchCriteriaId": "B7C53970-9365-41A4-AAAD-1147AFBD1FC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.6.0:update01:*:*:*:*:*:*",
"matchCriteriaId": "9C9E8642-8B10-47E2-8225-CD11B5F16B6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.6.0:update02:*:*:*:*:*:*",
"matchCriteriaId": "AEC112A1-9AF9-41EA-A7EF-EE3720D98254",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.6.0:update03:*:*:*:*:*:*",
"matchCriteriaId": "5E029C00-8244-403A-95DC-57DFEF38AA97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.6.0:update04:*:*:*:*:*:*",
"matchCriteriaId": "ADBE4F87-EEF0-4ABD-B09C-DF2E77CBF96E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.7:device_pack1:*:*:*:*:*:*",
"matchCriteriaId": "D0E3BCC4-F7A5-42F8-BAFF-245A279D8B1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.7:device_pack2:*:*:*:*:*:*",
"matchCriteriaId": "B5092589-2C56-4E6E-8A5A-343C4A9A9727",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.7.0:-:*:*:*:*:*:*",
"matchCriteriaId": "B924D456-55B2-4743-B243-5BCBAA0F561C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.7.0:update03:*:*:*:*:*:*",
"matchCriteriaId": "B0C94ABC-46A6-44DD-A793-82D2F4385BAA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.7.1:-:*:*:*:*:*:*",
"matchCriteriaId": "CDE92A73-E7D6-4DA7-8647-837E03241B4E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.7.1:update01:*:*:*:*:*:*",
"matchCriteriaId": "9BAFBA6A-EA82-498B-975A-9460BB36F179",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.7.1:update02:*:*:*:*:*:*",
"matchCriteriaId": "7411C94F-FACE-4FD0-9123-6DCB2D80BF46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.7.1:update03:*:*:*:*:*:*",
"matchCriteriaId": "36DE6B49-E5C7-455A-9B37-E14A967CC8A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.7.1:update04:*:*:*:*:*:*",
"matchCriteriaId": "B13AD86C-A307-4C11-9DD0-74B9B1D7197D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.7.1:update05:*:*:*:*:*:*",
"matchCriteriaId": "EBBED7A4-D480-4B07-83E0-45FEF49DBF43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.7.1:update06:*:*:*:*:*:*",
"matchCriteriaId": "D1CDA1D0-17B2-45D3-B047-43FF2637E367",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.7.1:update07:*:*:*:*:*:*",
"matchCriteriaId": "42287B1C-224A-478C-A484-F03F68ED0F0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.8:device_pack1:*:*:*:*:*:*",
"matchCriteriaId": "C0162245-9B36-446A-986C-7D29E94BF46C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.8.0:-:*:*:*:*:*:*",
"matchCriteriaId": "B88DD47B-C413-4104-AC86-A00E2CE7B785",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.8.0:update01:*:*:*:*:*:*",
"matchCriteriaId": "D625630E-1F36-46BA-BCCA-AF5DBAE5383D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.8.0:update02:*:*:*:*:*:*",
"matchCriteriaId": "3792F396-CFBB-4EC4-B2AB-A46ED25B34B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.8.1:-:*:*:*:*:*:*",
"matchCriteriaId": "608240CD-CD6C-42A3-9590-7F37B35EDC53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.8.1:update01:*:*:*:*:*:*",
"matchCriteriaId": "A943CAA9-53DF-4E95-B2EE-DD4CBA80F3ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.8.1:update02:*:*:*:*:*:*",
"matchCriteriaId": "0FD2F936-8848-4F90-A6C3-26EFD5262B8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.8.1:update03:*:*:*:*:*:*",
"matchCriteriaId": "599350C2-9BEB-456E-B485-F98EBD20A38A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.8.1:update04:*:*:*:*:*:*",
"matchCriteriaId": "1BBB2C8B-2353-4F5C-B87A-9C919874DAD9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.9:device_pack1:*:*:*:*:*:*",
"matchCriteriaId": "A8CF95CB-5A0D-4CD1-9179-62370D1B2CE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.9.0:-:*:*:*:*:*:*",
"matchCriteriaId": "65424DB3-01B9-4E06-97ED-65F7E20A6A2A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.9.0:update01:*:*:*:*:*:*",
"matchCriteriaId": "033DFCA4-7CEA-473F-9C6F-36D9D7271D15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.9.1:-:*:*:*:*:*:*",
"matchCriteriaId": "EA458C15-66E7-4976-8805-A10608BF7C9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.9.1:update01:*:*:*:*:*:*",
"matchCriteriaId": "A691B1FC-75E6-47E9-8C3F-25CDCFDE2C68",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.9.1:update02:*:*:*:*:*:*",
"matchCriteriaId": "92F7EDFF-4D52-4436-A207-D3D350E3A282",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.9.1:update03:*:*:*:*:*:*",
"matchCriteriaId": "DD08F6B6-11A9-4DFD-A883-7F7CF8788594",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.9.1:update04:*:*:*:*:*:*",
"matchCriteriaId": "EA402B08-1F79-4B61-A8CD-CBA082FAF2A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.10:-:*:*:*:*:*:*",
"matchCriteriaId": "63256421-6867-4F0A-9335-E782AC92E536",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.10:device_pack1:*:*:*:*:*:*",
"matchCriteriaId": "A432C185-0016-4047-A377-5F4BDCECC2F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.10:update01:*:*:*:*:*:*",
"matchCriteriaId": "E6F5C15A-061F-4260-AC1F-AFCED6ECEEDB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6D1B2DCE-C1B6-4186-8067-6979ADD16467",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "87FCE452-921D-4404-9FA3-135A957F32CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.10.2:*:*:*:*:*:*:*",
"matchCriteriaId": "594DC226-FE9F-46F3-AECE-0F2FE06CDC18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.10.3:*:*:*:*:*:*:*",
"matchCriteriaId": "46E52EE9-7B3F-4F82-8411-089DA8B1FD4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.10.4:-:*:*:*:*:*:*",
"matchCriteriaId": "8E76E81B-A235-4A19-AAE4-319CB7840673",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.10.4:update01:*:*:*:*:*:*",
"matchCriteriaId": "DC554CB1-9112-43B5-A279-5EC110698A3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.10.4:update02:*:*:*:*:*:*",
"matchCriteriaId": "10E7FC9C-EB9C-45D1-AA8F-FC3F4A153C2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.10.4:update03:*:*:*:*:*:*",
"matchCriteriaId": "E3A13607-DB2A-4BCD-877A-6EEDCDDB5404",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.10.5:*:*:*:*:*:*:*",
"matchCriteriaId": "497C3D07-43EB-4919-A902-A650EDE4BEBB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.10.6:-:*:*:*:*:*:*",
"matchCriteriaId": "94273457-DA21-40F8-B8E8-A6DA0F5A8300",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.10.6:update01:*:*:*:*:*:*",
"matchCriteriaId": "30799703-8281-4463-AD55-17A166C5640E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D524B688-7CF9-4FA1-B04F-015F1707DA69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "56AFA6AB-2E75-4DFD-9C89-3050E7328C47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:1.2.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DE9C14F6-310E-4B7D-8F97-898C494E7864",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:1.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "98DB8EC6-AAF4-452F-A291-B7890CD9B0EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:1.2.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "6844EAA6-744F-4F03-BF01-26B17C968D9C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:1.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "A46F350A-5DA5-4DD4-8E49-25D5CC8BF8F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:1.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "FAB9FD11-B85C-42E1-8292-4DCF383A76C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:1.2.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "8F9BB770-15ED-4CAA-84BB-3E547FA73936",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:1.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "A5EACE74-3F09-41B8-B488-CD3283AB469B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:1.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "F8AEDEC5-FC70-4BB0-B513-1C3ED72ED188",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:1.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "2F7858DF-D3EE-4E8C-BBF8-12ACB1026982",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E318D077-AEB7-42B3-B8CE-FE8D70BF992A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CEECECA7-6D23-4417-BA1C-15CE700FBBF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:2.0.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9FA18342-A0FB-4ACB-87B1-33DB499F41D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "81133BED-E0E0-4AF8-B7CA-EAF15A92BDC3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:2.0.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B844F015-66F3-43E2-8FC8-E5F1AA6FFD73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "70DA07D0-C300-4B41-9FF6-5A4D0A3AF2CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "27DF884D-4DDB-497E-B6BA-207FF56F7745",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:2.0.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0E38F863-F537-4829-B984-69517AEA96E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:2.0.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2FD561E5-4C42-473A-AF4D-EB0B4E702E0E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B23C2726-E0A7-4791-92E7-F11C239A2D40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:2.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "776F5F18-2510-4A3E-8A21-69BAB385265A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:2.1.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AAB5C7E5-A652-4D4C-83C3-151BF4E9B829",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:2.1.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "52F2C75C-C4B0-4738-B41A-CA0270483955",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:2.1.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D9820AE3-1248-4426-84D4-EB346736FEBF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:2.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "89D6472B-206B-456D-8D91-CA630B2E1835",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:2.1.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A60AF22A-92DF-4FBC-B5B4-8C670420DB65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:2.1.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "0A0D4CEA-A280-48B0-B485-77B9F451CB48",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:2.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D96EB248-D1B4-4273-8B92-AAD53CA3B6DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:2.1.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F9CEA1C0-6A77-4DAC-A91D-6F41E9D87C49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:2.1.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "098002C5-97F7-4075-B2B1-9E70FD05825F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:2.1.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "7AAD566A-BBAE-4F6E-A82B-F571FC105818",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:2.1.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "DA497EE7-95DB-48A1-A160-EEE8E8C02DAA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:2.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "660C43C3-48A9-4330-BBF2-951F2227B852",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "AD5A875D-8178-46B1-BC30-7D30FBBE57F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:2.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8B80B160-8A87-4611-9309-1B51F972BBEF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:2.2.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5E6B8A96-1A84-4406-9158-94D35DF2163C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:2.2.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9F347336-4D4D-460C-8D3A-26265F52988F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:2.2.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "370519A8-8026-4D88-B29B-573F486DF584",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:2.2.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "C5560362-925E-4777-8716-1FCE8E5D984C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:2.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C0491DDC-9A4F-4C5C-B9C6-681E519CDE20",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:2.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "99C1188F-2D14-4B97-AFF7-A0608CB99376",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:2.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "794C923F-D62B-4DA5-9067-342E90AE03C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1A935862-18F7-45FE-B647-1A9BA454E304",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B8B61414-736F-4238-95BC-B19A58CA27A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:3.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5666901E-4537-4378-BA8A-A37B6893EB39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:3.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "48900C79-AA7A-41D1-89BF-E6E2D3B57B7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "69594997-2568-4C10-A411-69A50BFD175F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0F782F5B-5EF6-4618-87D0-B7371918AC55",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:3.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "EC5DAF31-1FC6-4A0F-957B-0383FD9DA294",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:3.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "50B60082-790B-41B1-B5C3-78378B1FF170",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1EC39E2D-C47B-4311-BC7B-130D432549F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "32EF3AA6-8F93-4D97-9177-B05BD6132C00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2C7885D8-CEC4-4E5F-9911-7ACF645B80E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "A8C86EE9-9CE6-4C50-BF60-3CFD22E4C4DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:4.0.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7DED9D22-7764-448A-9F7D-DB950B1D95A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EE5E6CBE-D82C-4001-87CB-73DF526F0AB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:4.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2CBD14FB-DB01-4065-AE4B-EECB858F59C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:4.1.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E4E6D5B7-AA57-47E0-B208-08AB4AC3041C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:4.1.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E7FC2F8B-AE92-4A6F-A7DB-327F6114BD16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "460E6456-0E51-45BC-868E-DEEA5E3CD366",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "43D509F6-8AF3-4CEE-A895-F7C1240E81CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "FA9167E9-192F-43B6-95E1-B93D74CBAA55",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:5.0.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "ABF50BFC-66A0-4EA7-869F-B5805D82999B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:5.0.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "16B06061-139E-45E9-93DA-1F45E11F57CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:5.0.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3C0ACAAD-8400-4360-8B45-CE24EABBDD2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:5.0.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "891EE1AA-951E-4DE7-ACAE-110A62FB0D4F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:5.0.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "0F543C76-AF44-4FB2-ADE0-B5A077F118D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:5.0.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "AC517987-F5C2-4158-988A-36E86662028C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F7F58659-A318-42A0-83C5-8F09FCD78982",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:5.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "71136B64-8BA2-451B-AABD-BF0658E3C571",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:5.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C1B673A8-DFF1-4088-9367-6EE79E5ACE4C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:5.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5EE4B2BD-3551-44D5-BC69-2608DE6FE499",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:5.1.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B2A194A3-6F1C-4A9F-89E7-3B27CAAC93B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:5.1.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9C65FB27-E881-418A-8CAF-E0760C55FC42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:5.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "E5323F5F-0D26-41DA-B37A-790B036B5233",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:5.1.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "14726D39-6480-44B7-911A-7CF49987CE98",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:5.1.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4609ADFF-221D-4DD5-A7BA-EA29CECE5CBC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:5.1.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "4B81A9D2-33C2-4331-B98C-15B0AE400873",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:5.1.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "FD4E5000-37BD-484D-8DC2-7728CA5AB531",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:6.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FC07C2BB-5D71-47B6-96F1-FD1343AD72E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3C35B0A0-BCCE-44F0-830B-D927797DFEF9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:6.0.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "ED874BF9-2384-4EF4-BE82-9A90F5A4C8D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6A3600AB-AF4E-402E-B9D6-74852C42D04A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:6.0.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9F366853-DDBE-4AA1-94F3-BD906C321A79",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:6.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "85EF2166-E513-4677-83D9-3B3330B54115",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:6.0.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "41D7C144-3041-43FD-A451-7650900FAC39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6FAB236C-867E-488D-8718-7B7EC112E3F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:6.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "173A7696-84F1-4682-BD08-504935787ACB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:6.1.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1B76D780-B0E7-4CF4-90AF-34A3E4F2D99C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:6.1.1.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "91D93C24-B7B7-4047-A398-081F95735265",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:6.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "0BFB6F03-FD41-41B7-B8EE-7A05046081EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:6.1.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "027F461C-78DB-4BF1-86D2-D8585B647053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:6.1.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C336F493-CE87-40ED-8263-9A447A2F88F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:6.1.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "10EB05BB-74F7-4795-AF5C-66A134727709",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:7.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "718F8440-7128-404A-B91F-681E289FAECB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:7.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "42E2FAB6-3F96-4100-97FC-5CE8B7C3EA3D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:7.0.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "DF7A4BD6-46FB-4E19-8BE4-83AF4CD626B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:7.0.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "FDDFE457-8B02-423E-9B63-612203FD3596",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:7.0.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3AEC4CB6-0594-4A89-9663-6127A6F21057",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:7.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A39D2875-1A2A-462B-8D3B-456796C07E70",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:7.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4E5F9E22-3D34-4755-867A-670ABC10442E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:7.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "EDEBF248-B895-4915-940F-40A667C2DDC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:7.1.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CDDC238A-1A00-48B8-9C51-F51070159E2C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:7.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "E1910423-E75A-4CB7-8392-91EBFF302049",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:7.1.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2DE8110E-E63B-427F-B4B6-E5FAFBA23749",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:7.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "CA0CD897-552A-4B28-BCB8-8AFCA7D2E24C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:8.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C5F604FB-CB3E-42FF-8C2E-B234BCCA20F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:8.0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "BED53BF1-0683-4151-A00D-846D052798CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:8.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "30C9B83D-54D0-4C11-BD6F-542DF7CBE6C1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in a subset of REST APIs of Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager (EPNM) could allow an authenticated, low-privileged, remote attacker to conduct a blind SQL injection attack.\r\n\r\nThis vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending a crafted request to an affected API. A successful exploit could allow the attacker to view data in some database tables on an affected device."
},
{
"lang": "es",
"value": "Una vulnerabilidad en un subconjunto de las API REST de Cisco Prime Infrastructure y Cisco Evolved Programmable Network Manager (EPNM) podr\u00eda permitir que un atacante remoto autenticado y con pocos privilegios realice un ataque de inyecci\u00f3n SQL a ciegas. Esta vulnerabilidad se debe a una validaci\u00f3n insuficiente de la entrada proporcionada por el usuario. Un atacante podr\u00eda explotar esta vulnerabilidad enviando una solicitud manipulada a una API afectada. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante ver datos en algunas tablas de bases de datos en un dispositivo afectado."
}
],
"id": "CVE-2025-20272",
"lastModified": "2025-07-31T15:15:35.187",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4,
"source": "psirt@cisco.com",
"type": "Primary"
}
]
},
"published": "2025-07-16T17:15:28.613",
"references": [
{
"source": "psirt@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-piepnm-bsi-25JJqsbb"
}
],
"sourceIdentifier": "psirt@cisco.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-89"
}
],
"source": "psirt@cisco.com",
"type": "Primary"
}
]
}
FKIE_CVE-2025-20203
Vulnerability from fkie_nvd - Published: 2025-04-02 17:15 - Updated: 2025-08-01 16:56
Severity ?
Summary
A vulnerability in the web-based management interface of Cisco Evolved Programmable Network Manager (EPNM) and Cisco Prime Infrastructure could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against users of the interface of an affected system.
The vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attacker could exploit this vulnerability by inserting malicious code into specific data fields in the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. To exploit this vulnerability, the attacker must have valid administrative credentials.
{{value}} ["%7b%7bvalue%7d%7d"])}]]
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "56AFA6AB-2E75-4DFD-9C89-3050E7328C47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:1.2.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DE9C14F6-310E-4B7D-8F97-898C494E7864",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:1.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "98DB8EC6-AAF4-452F-A291-B7890CD9B0EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:1.2.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "6844EAA6-744F-4F03-BF01-26B17C968D9C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:1.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "A46F350A-5DA5-4DD4-8E49-25D5CC8BF8F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:1.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "FAB9FD11-B85C-42E1-8292-4DCF383A76C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:1.2.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "8F9BB770-15ED-4CAA-84BB-3E547FA73936",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:1.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "A5EACE74-3F09-41B8-B488-CD3283AB469B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:1.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "F8AEDEC5-FC70-4BB0-B513-1C3ED72ED188",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:1.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "2F7858DF-D3EE-4E8C-BBF8-12ACB1026982",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E318D077-AEB7-42B3-B8CE-FE8D70BF992A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CEECECA7-6D23-4417-BA1C-15CE700FBBF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:2.0.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9FA18342-A0FB-4ACB-87B1-33DB499F41D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "81133BED-E0E0-4AF8-B7CA-EAF15A92BDC3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:2.0.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B844F015-66F3-43E2-8FC8-E5F1AA6FFD73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "70DA07D0-C300-4B41-9FF6-5A4D0A3AF2CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "27DF884D-4DDB-497E-B6BA-207FF56F7745",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:2.0.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0E38F863-F537-4829-B984-69517AEA96E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:2.0.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2FD561E5-4C42-473A-AF4D-EB0B4E702E0E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B23C2726-E0A7-4791-92E7-F11C239A2D40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:2.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "776F5F18-2510-4A3E-8A21-69BAB385265A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:2.1.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AAB5C7E5-A652-4D4C-83C3-151BF4E9B829",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:2.1.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "52F2C75C-C4B0-4738-B41A-CA0270483955",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:2.1.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D9820AE3-1248-4426-84D4-EB346736FEBF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:2.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "89D6472B-206B-456D-8D91-CA630B2E1835",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:2.1.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A60AF22A-92DF-4FBC-B5B4-8C670420DB65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:2.1.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "0A0D4CEA-A280-48B0-B485-77B9F451CB48",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:2.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D96EB248-D1B4-4273-8B92-AAD53CA3B6DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:2.1.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F9CEA1C0-6A77-4DAC-A91D-6F41E9D87C49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:2.1.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "098002C5-97F7-4075-B2B1-9E70FD05825F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:2.1.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "7AAD566A-BBAE-4F6E-A82B-F571FC105818",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:2.1.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "DA497EE7-95DB-48A1-A160-EEE8E8C02DAA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:2.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "660C43C3-48A9-4330-BBF2-951F2227B852",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "AD5A875D-8178-46B1-BC30-7D30FBBE57F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:2.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8B80B160-8A87-4611-9309-1B51F972BBEF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:2.2.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5E6B8A96-1A84-4406-9158-94D35DF2163C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:2.2.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9F347336-4D4D-460C-8D3A-26265F52988F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:2.2.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "370519A8-8026-4D88-B29B-573F486DF584",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:2.2.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "C5560362-925E-4777-8716-1FCE8E5D984C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:2.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C0491DDC-9A4F-4C5C-B9C6-681E519CDE20",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:2.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "99C1188F-2D14-4B97-AFF7-A0608CB99376",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:2.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "794C923F-D62B-4DA5-9067-342E90AE03C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1A935862-18F7-45FE-B647-1A9BA454E304",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B8B61414-736F-4238-95BC-B19A58CA27A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:3.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5666901E-4537-4378-BA8A-A37B6893EB39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:3.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "48900C79-AA7A-41D1-89BF-E6E2D3B57B7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "69594997-2568-4C10-A411-69A50BFD175F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0F782F5B-5EF6-4618-87D0-B7371918AC55",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:3.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "EC5DAF31-1FC6-4A0F-957B-0383FD9DA294",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:3.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "50B60082-790B-41B1-B5C3-78378B1FF170",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1EC39E2D-C47B-4311-BC7B-130D432549F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "32EF3AA6-8F93-4D97-9177-B05BD6132C00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2C7885D8-CEC4-4E5F-9911-7ACF645B80E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "A8C86EE9-9CE6-4C50-BF60-3CFD22E4C4DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:4.0.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7DED9D22-7764-448A-9F7D-DB950B1D95A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EE5E6CBE-D82C-4001-87CB-73DF526F0AB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:4.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2CBD14FB-DB01-4065-AE4B-EECB858F59C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:4.1.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E4E6D5B7-AA57-47E0-B208-08AB4AC3041C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:4.1.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E7FC2F8B-AE92-4A6F-A7DB-327F6114BD16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "460E6456-0E51-45BC-868E-DEEA5E3CD366",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "43D509F6-8AF3-4CEE-A895-F7C1240E81CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "FA9167E9-192F-43B6-95E1-B93D74CBAA55",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:5.0.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "ABF50BFC-66A0-4EA7-869F-B5805D82999B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:5.0.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "16B06061-139E-45E9-93DA-1F45E11F57CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:5.0.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3C0ACAAD-8400-4360-8B45-CE24EABBDD2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:5.0.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "891EE1AA-951E-4DE7-ACAE-110A62FB0D4F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:5.0.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "0F543C76-AF44-4FB2-ADE0-B5A077F118D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:5.0.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "AC517987-F5C2-4158-988A-36E86662028C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F7F58659-A318-42A0-83C5-8F09FCD78982",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:5.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "71136B64-8BA2-451B-AABD-BF0658E3C571",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:5.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C1B673A8-DFF1-4088-9367-6EE79E5ACE4C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:5.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5EE4B2BD-3551-44D5-BC69-2608DE6FE499",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:5.1.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B2A194A3-6F1C-4A9F-89E7-3B27CAAC93B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:5.1.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9C65FB27-E881-418A-8CAF-E0760C55FC42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:5.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "E5323F5F-0D26-41DA-B37A-790B036B5233",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:5.1.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "14726D39-6480-44B7-911A-7CF49987CE98",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:5.1.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4609ADFF-221D-4DD5-A7BA-EA29CECE5CBC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:5.1.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "4B81A9D2-33C2-4331-B98C-15B0AE400873",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:5.1.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "FD4E5000-37BD-484D-8DC2-7728CA5AB531",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:6.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FC07C2BB-5D71-47B6-96F1-FD1343AD72E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3C35B0A0-BCCE-44F0-830B-D927797DFEF9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:6.0.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "ED874BF9-2384-4EF4-BE82-9A90F5A4C8D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6A3600AB-AF4E-402E-B9D6-74852C42D04A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:6.0.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9F366853-DDBE-4AA1-94F3-BD906C321A79",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:6.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "85EF2166-E513-4677-83D9-3B3330B54115",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:6.0.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "41D7C144-3041-43FD-A451-7650900FAC39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6FAB236C-867E-488D-8718-7B7EC112E3F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:6.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "173A7696-84F1-4682-BD08-504935787ACB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:6.1.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1B76D780-B0E7-4CF4-90AF-34A3E4F2D99C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:6.1.1.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "91D93C24-B7B7-4047-A398-081F95735265",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:6.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "0BFB6F03-FD41-41B7-B8EE-7A05046081EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:6.1.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "027F461C-78DB-4BF1-86D2-D8585B647053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:6.1.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C336F493-CE87-40ED-8263-9A447A2F88F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:6.1.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "10EB05BB-74F7-4795-AF5C-66A134727709",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:7.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "718F8440-7128-404A-B91F-681E289FAECB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:7.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "42E2FAB6-3F96-4100-97FC-5CE8B7C3EA3D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:7.0.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "DF7A4BD6-46FB-4E19-8BE4-83AF4CD626B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:7.0.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "FDDFE457-8B02-423E-9B63-612203FD3596",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:7.0.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3AEC4CB6-0594-4A89-9663-6127A6F21057",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:7.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A39D2875-1A2A-462B-8D3B-456796C07E70",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:7.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4E5F9E22-3D34-4755-867A-670ABC10442E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:7.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "EDEBF248-B895-4915-940F-40A667C2DDC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:7.1.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CDDC238A-1A00-48B8-9C51-F51070159E2C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:7.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "E1910423-E75A-4CB7-8392-91EBFF302049",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:7.1.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2DE8110E-E63B-427F-B4B6-E5FAFBA23749",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "64393984-EE5D-4EDD-B409-D5D09DA8933C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:2.0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "F77EAEEB-21B8-4E72-9129-782DF30E4624",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:2.0.39:*:*:*:*:*:*:*",
"matchCriteriaId": "C92892CA-CBEA-40AA-9255-69CD85813592",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "867EA718-9DDD-4218-8A65-C637458CB457",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:2.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7678B118-E00C-4B1E-8B40-D3233DE3615C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:2.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5EADD53A-CCEA-44B3-B825-8311CBD2C088",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:2.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "26172E3A-1963-4D1B-B0D2-D3323448CF0B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:2.1.56:*:*:*:*:*:*:*",
"matchCriteriaId": "B9E5B368-C2FF-402F-B636-51F4D74C218D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "56394A07-6D74-4588-8C05-DE04959F7FC7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:2.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7785C295-46BA-4803-9CDE-7838931DACBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:2.2.1:-:*:*:*:*:*:*",
"matchCriteriaId": "CAB27D0C-8530-4672-82E3-9765E17EE60B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:2.2.1:update01:*:*:*:*:*:*",
"matchCriteriaId": "ABC8CDDF-FCBA-4795-A65D-11A64E846647",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:2.2.2:-:*:*:*:*:*:*",
"matchCriteriaId": "D1C9FD43-FA29-457C-AEE5-298B32D52733",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:2.2.2:update03:*:*:*:*:*:*",
"matchCriteriaId": "4634820E-5D21-4A8A-AA53-9F2D55E8D84D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:2.2.2:update04:*:*:*:*:*:*",
"matchCriteriaId": "EFDE4B1F-4B66-4121-AB09-23DD7693A685",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:2.2.3:-:*:*:*:*:*:*",
"matchCriteriaId": "0CB4B2E5-BC01-4B0B-9DDF-1AC1F80485D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:2.2.3:update02:*:*:*:*:*:*",
"matchCriteriaId": "FD6DE143-92B8-494D-9AD7-26DE51594A15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:2.2.3:update03:*:*:*:*:*:*",
"matchCriteriaId": "2460BCA0-DC63-44DF-8487-398AADCD6E21",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:2.2.3:update04:*:*:*:*:*:*",
"matchCriteriaId": "6576E2D3-108E-4A97-9B6D-2414126A771B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:2.2.3:update05:*:*:*:*:*:*",
"matchCriteriaId": "E63ED095-1E50-4194-9289-24D2E91D040C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:2.2.3:update06:*:*:*:*:*:*",
"matchCriteriaId": "B3FABE9E-AF4D-4526-A709-69AA7ED349CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:2.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "54D9E3FB-AD79-498D-918A-7C97BA1DD492",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:2.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "0B7C8E1B-A85D-4EFC-9886-F984E2A7A4E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:2.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "8559E064-93BC-4B54-BBF1-AE3A4B236B83",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:2.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "ACA6E2EC-F10C-43D1-BCF2-C040D7F1B305",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:2.2.9:*:*:*:*:*:*:*",
"matchCriteriaId": "8EF98F43-771F-41A3-8F7A-13076D602A36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:2.2.10:*:*:*:*:*:*:*",
"matchCriteriaId": "54E6140D-C998-4443-84AB-4F4ADC4B72B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F0FFBC94-50A0-4257-A2E4-4D2F45972706",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B02E716A-9A50-4DF3-8245-655E339F633C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E6A12E50-6F9B-46CF-9F3F-4E234CB61476",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "47E34F81-BBDF-4294-9F51-5C9B6B475A75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "27FCE53D-43B6-41A3-B374-3EA2F6B14C63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "56D96F2E-D32A-458A-B221-3CF68BA2FB39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "7124F999-450D-479F-9F9B-C566A611318F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "CAA816E0-7306-4254-B744-C595A0E0EC8F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4185137A-20E6-48EB-8E77-077F2A59AB27",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "BBD9A93C-FE79-4323-BBF1-F9B2CD559570",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4B35B1DC-B09B-4901-A09E-3DC9A3D72FC2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D41817A2-8B83-48E8-AEA6-33488BA55B7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "BC9D0F39-43DA-40EF-AFC7-A1D97304ED38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "DD2DE754-6638-415C-AE38-567D4465747A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "EF85F2F6-6C5F-4707-9BB7-AE8565D17238",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "79E64F9D-E85F-497F-8D2A-DC04DC89CB7E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.1_dp4:*:*:*:*:*:*:*",
"matchCriteriaId": "D12A9855-C8F8-4030-BF4F-2C99B3E865C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.1_dp5:*:*:*:*:*:*:*",
"matchCriteriaId": "A08904AE-0EB3-435D-A1DB-F72D4AA259C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.1_dp6:*:*:*:*:*:*:*",
"matchCriteriaId": "098B957B-4D48-4744-B0C6-B924A9CE51AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.1_dp7:*:*:*:*:*:*:*",
"matchCriteriaId": "6BC50793-3306-430A-8958-6D297B009968",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.1_dp8:*:*:*:*:*:*:*",
"matchCriteriaId": "3ADA04E2-825C-40A1-A176-EC2D080FEF95",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.1_dp9:*:*:*:*:*:*:*",
"matchCriteriaId": "1FC8829F-F26E-4601-BA55-DBD087E9180E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.1_dp10:*:*:*:*:*:*:*",
"matchCriteriaId": "DE333E60-96C8-4AEE-B392-53216D69D732",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.1_dp11:*:*:*:*:*:*:*",
"matchCriteriaId": "12899B12-60B8-4533-9DC8-55111EFBBB8E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.1_dp12:*:*:*:*:*:*:*",
"matchCriteriaId": "E3B18782-A19C-4AB0-94D4-DFB30A2068BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.1_dp13:*:*:*:*:*:*:*",
"matchCriteriaId": "D7316219-08D0-4AF4-B5E3-4E32CA1F0CCB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.1_dp14:*:*:*:*:*:*:*",
"matchCriteriaId": "FE924F0F-F1D4-475A-BC35-66C3DBF58AD7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.1_dp15:*:*:*:*:*:*:*",
"matchCriteriaId": "BD89E049-2F09-4BDF-9D1B-6B6546E76DE7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.1_dp16:*:*:*:*:*:*:*",
"matchCriteriaId": "D8F2F8C0-6884-4586-924C-F7C4267814C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7072B5B6-EA73-42D3-BC91-2068780D9C6D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.2.0-fips:*:*:*:*:*:*:*",
"matchCriteriaId": "7DDB2BBF-DA7D-4DCD-9997-564F0FACFC71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "89963594-03CA-412A-A03C-A88480364EDA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1F868D71-1E81-4A67-854C-8C98AD4A0D3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.2_dp1:*:*:*:*:*:*:*",
"matchCriteriaId": "7C76A97D-E32C-4F5C-85A5-31AD0E9B966E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.2_dp2:*:*:*:*:*:*:*",
"matchCriteriaId": "D1F2871E-71C1-4363-88DE-5833A443160D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.2_dp3:*:*:*:*:*:*:*",
"matchCriteriaId": "22A416B1-E052-4D50-87B9-D4F2496FAD14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.2_dp4:*:*:*:*:*:*:*",
"matchCriteriaId": "07EA4E4D-BFA2-458C-8FAB-8CA065FAEC22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.3.0:-:*:*:*:*:*:*",
"matchCriteriaId": "86044D17-2855-4C60-8E29-73F65A0ECC54",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.3.0:update01:*:*:*:*:*:*",
"matchCriteriaId": "C68C71CF-A076-4D69-BF6C-C362B6E448E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "39804A21-0999-4E14-8F9D-9F7FD1073B79",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.3_dp1:*:*:*:*:*:*:*",
"matchCriteriaId": "A911CFBD-E455-410B-826C-A6B340E92C91",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.3_dp2:*:*:*:*:*:*:*",
"matchCriteriaId": "1357F42F-0E96-4ABD-A5E6-027FBC7777CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.3_dp3:*:*:*:*:*:*:*",
"matchCriteriaId": "46CD3F22-2C77-4B10-A338-104966FA1865",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.3_dp4:*:*:*:*:*:*:*",
"matchCriteriaId": "7ADA62E7-52C4-4FC5-ABC3-5CAE80BED913",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FDE385F7-C743-4BF0-BA6F-DB335E791912",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.4.1:-:*:*:*:*:*:*",
"matchCriteriaId": "A90E72A0-0E08-4C82-A60A-4EFB8CAB318A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.4.1:update01:*:*:*:*:*:*",
"matchCriteriaId": "2CC00B0F-3523-4F4A-B161-AAF1801A3774",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.4.1:update02:*:*:*:*:*:*",
"matchCriteriaId": "519CBBDE-52E0-4298-A9AC-D1128418FF2C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.4.2:-:*:*:*:*:*:*",
"matchCriteriaId": "B17FBF2F-FCE4-4D1E-BD21-5CD048DEFF2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.4.2:update01:*:*:*:*:*:*",
"matchCriteriaId": "2E40D55B-F582-45C5-996B-2AFC0E69E96B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.4_dp1:*:*:*:*:*:*:*",
"matchCriteriaId": "18010978-7006-42CE-8822-14ADD6C6DF90",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.4_dp2:*:*:*:*:*:*:*",
"matchCriteriaId": "79841A9E-1C37-4A49-8B9E-B3CC13FD9562",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.4_dp3:*:*:*:*:*:*:*",
"matchCriteriaId": "C984BC1D-A41E-4D27-9062-D0D0570A4FE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.4_dp4:*:*:*:*:*:*:*",
"matchCriteriaId": "888DC5DC-CF84-41A1-AB39-0B62D8D34C42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.4_dp5:*:*:*:*:*:*:*",
"matchCriteriaId": "09075F1B-9802-4E12-968F-E3AC0EE9A41F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.4_dp6:*:*:*:*:*:*:*",
"matchCriteriaId": "3A58F92D-AF2D-4558-BD9D-F10DCA63A799",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.4_dp7:*:*:*:*:*:*:*",
"matchCriteriaId": "E65EE426-861B-460F-A644-000FE8714216",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.4_dp8:*:*:*:*:*:*:*",
"matchCriteriaId": "C76CA00D-283F-473D-AE71-21FF9056AED5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.4_dp9:*:*:*:*:*:*:*",
"matchCriteriaId": "0FCAFD22-63AD-492E-9C61-D2E9B3658D93",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.4_dp10:*:*:*:*:*:*:*",
"matchCriteriaId": "B68E8DEE-4CE8-467E-9C26-2DC180E92E7F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.4_dp11:*:*:*:*:*:*:*",
"matchCriteriaId": "BAD8E42E-2115-4362-B6C0-44C9BB08521C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.5.0:-:*:*:*:*:*:*",
"matchCriteriaId": "D68AC23D-4212-48F8-8894-DA0233A2BD6B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.5.0:update01:*:*:*:*:*:*",
"matchCriteriaId": "4AEF56A6-21AA-4BF1-BE3F-113DABD76B00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.5.0:update02:*:*:*:*:*:*",
"matchCriteriaId": "22B1A35F-C510-4CC2-89A1-8DD68EC33A74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.5.0:update03:*:*:*:*:*:*",
"matchCriteriaId": "8B6317B8-8B5C-4B4A-9ED6-F66E161C6196",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.5.1:-:*:*:*:*:*:*",
"matchCriteriaId": "B42BA02D-F4DE-49E0-AFA2-1D4C9A478611",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.5.1:update01:*:*:*:*:*:*",
"matchCriteriaId": "77635D04-25B1-46A8-9B59-82A77C251574",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.5.1:update02:*:*:*:*:*:*",
"matchCriteriaId": "01F4CF5B-AF03-4F88-BE46-819FC377657F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.5.1:update03:*:*:*:*:*:*",
"matchCriteriaId": "B902E76C-8444-4E39-8A99-2FC3D4B28919",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.5_dp1:*:*:*:*:*:*:*",
"matchCriteriaId": "E9FE222A-ACF5-4CD7-B128-18D53C6FA6EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.5_dp2:*:*:*:*:*:*:*",
"matchCriteriaId": "D5F055AA-B8AC-4C39-908E-065B571FCC2A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.5_dp3:*:*:*:*:*:*:*",
"matchCriteriaId": "BCE16F84-C0B1-425B-99E4-DC70A2E461DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.5_dp4:*:*:*:*:*:*:*",
"matchCriteriaId": "E2492CF0-7586-48CA-9FE6-BBDC35443D32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.6.0:-:*:*:*:*:*:*",
"matchCriteriaId": "B7C53970-9365-41A4-AAAD-1147AFBD1FC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.6.0:update01:*:*:*:*:*:*",
"matchCriteriaId": "9C9E8642-8B10-47E2-8225-CD11B5F16B6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.6.0:update02:*:*:*:*:*:*",
"matchCriteriaId": "AEC112A1-9AF9-41EA-A7EF-EE3720D98254",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.6.0:update03:*:*:*:*:*:*",
"matchCriteriaId": "5E029C00-8244-403A-95DC-57DFEF38AA97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.6.0:update04:*:*:*:*:*:*",
"matchCriteriaId": "ADBE4F87-EEF0-4ABD-B09C-DF2E77CBF96E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.6_dp1:*:*:*:*:*:*:*",
"matchCriteriaId": "0C51250D-5FED-4693-8FD1-27676059296C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.7.0:-:*:*:*:*:*:*",
"matchCriteriaId": "B924D456-55B2-4743-B243-5BCBAA0F561C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.7.0:update03:*:*:*:*:*:*",
"matchCriteriaId": "B0C94ABC-46A6-44DD-A793-82D2F4385BAA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.7.1:-:*:*:*:*:*:*",
"matchCriteriaId": "CDE92A73-E7D6-4DA7-8647-837E03241B4E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.7.1:update01:*:*:*:*:*:*",
"matchCriteriaId": "9BAFBA6A-EA82-498B-975A-9460BB36F179",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.7.1:update02:*:*:*:*:*:*",
"matchCriteriaId": "7411C94F-FACE-4FD0-9123-6DCB2D80BF46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.7.1:update03:*:*:*:*:*:*",
"matchCriteriaId": "36DE6B49-E5C7-455A-9B37-E14A967CC8A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.7.1:update04:*:*:*:*:*:*",
"matchCriteriaId": "B13AD86C-A307-4C11-9DD0-74B9B1D7197D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.7.1:update05:*:*:*:*:*:*",
"matchCriteriaId": "EBBED7A4-D480-4B07-83E0-45FEF49DBF43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.7.1:update06:*:*:*:*:*:*",
"matchCriteriaId": "D1CDA1D0-17B2-45D3-B047-43FF2637E367",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.7.1:update07:*:*:*:*:*:*",
"matchCriteriaId": "42287B1C-224A-478C-A484-F03F68ED0F0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.7_dp1:*:*:*:*:*:*:*",
"matchCriteriaId": "145C0AE9-59FF-4469-8680-B465D3547276",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.7_dp2:*:*:*:*:*:*:*",
"matchCriteriaId": "7DEAD7E5-514F-4815-9764-ED3D5BCC6DFD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.8.0:-:*:*:*:*:*:*",
"matchCriteriaId": "B88DD47B-C413-4104-AC86-A00E2CE7B785",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.8.0:update01:*:*:*:*:*:*",
"matchCriteriaId": "D625630E-1F36-46BA-BCCA-AF5DBAE5383D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.8.0:update02:*:*:*:*:*:*",
"matchCriteriaId": "3792F396-CFBB-4EC4-B2AB-A46ED25B34B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.8.1:-:*:*:*:*:*:*",
"matchCriteriaId": "608240CD-CD6C-42A3-9590-7F37B35EDC53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.8.1:update01:*:*:*:*:*:*",
"matchCriteriaId": "A943CAA9-53DF-4E95-B2EE-DD4CBA80F3ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.8.1:update02:*:*:*:*:*:*",
"matchCriteriaId": "0FD2F936-8848-4F90-A6C3-26EFD5262B8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.8.1:update03:*:*:*:*:*:*",
"matchCriteriaId": "599350C2-9BEB-456E-B485-F98EBD20A38A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.8.1:update04:*:*:*:*:*:*",
"matchCriteriaId": "1BBB2C8B-2353-4F5C-B87A-9C919874DAD9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.8_dp1:*:*:*:*:*:*:*",
"matchCriteriaId": "88A921DF-C8F6-4C2D-AECF-024D138B13DE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.9.0:-:*:*:*:*:*:*",
"matchCriteriaId": "65424DB3-01B9-4E06-97ED-65F7E20A6A2A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.9.0:update01:*:*:*:*:*:*",
"matchCriteriaId": "033DFCA4-7CEA-473F-9C6F-36D9D7271D15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.9.1:-:*:*:*:*:*:*",
"matchCriteriaId": "EA458C15-66E7-4976-8805-A10608BF7C9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.9.1:update01:*:*:*:*:*:*",
"matchCriteriaId": "A691B1FC-75E6-47E9-8C3F-25CDCFDE2C68",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.9.1:update02:*:*:*:*:*:*",
"matchCriteriaId": "92F7EDFF-4D52-4436-A207-D3D350E3A282",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.9.1:update03:*:*:*:*:*:*",
"matchCriteriaId": "DD08F6B6-11A9-4DFD-A883-7F7CF8788594",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.9.1:update04:*:*:*:*:*:*",
"matchCriteriaId": "EA402B08-1F79-4B61-A8CD-CBA082FAF2A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.9_dp1:*:*:*:*:*:*:*",
"matchCriteriaId": "A315FCEA-E911-422B-A93F-D7A927070DE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.10:update01:*:*:*:*:*:*",
"matchCriteriaId": "E6F5C15A-061F-4260-AC1F-AFCED6ECEEDB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6D1B2DCE-C1B6-4186-8067-6979ADD16467",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "87FCE452-921D-4404-9FA3-135A957F32CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.10.2:*:*:*:*:*:*:*",
"matchCriteriaId": "594DC226-FE9F-46F3-AECE-0F2FE06CDC18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.10.3:*:*:*:*:*:*:*",
"matchCriteriaId": "46E52EE9-7B3F-4F82-8411-089DA8B1FD4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.10.4:-:*:*:*:*:*:*",
"matchCriteriaId": "8E76E81B-A235-4A19-AAE4-319CB7840673",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.10.4:update01:*:*:*:*:*:*",
"matchCriteriaId": "DC554CB1-9112-43B5-A279-5EC110698A3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.10.4:update02:*:*:*:*:*:*",
"matchCriteriaId": "10E7FC9C-EB9C-45D1-AA8F-FC3F4A153C2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.10.4:update03:*:*:*:*:*:*",
"matchCriteriaId": "E3A13607-DB2A-4BCD-877A-6EEDCDDB5404",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.10.5:*:*:*:*:*:*:*",
"matchCriteriaId": "497C3D07-43EB-4919-A902-A650EDE4BEBB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.10.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B1D092AD-F53B-4FC3-9CB8-664F0E0C2D1A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.10_dp1:*:*:*:*:*:*:*",
"matchCriteriaId": "04A4DF4B-2D91-4D0D-88EA-54D8199CF0DD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco Evolved Programmable Network Manager (EPNM) and Cisco Prime Infrastructure could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against users of the interface of an affected system.\r\n\r The vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attacker could exploit this vulnerability by inserting malicious code into specific data fields in the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. To exploit this vulnerability, the attacker must have valid administrative credentials.\r\n\r \r\n\r {{value}} [\"%7b%7bvalue%7d%7d\"])}]]"
},
{
"lang": "es",
"value": "Una vulnerabilidad en la interfaz de administraci\u00f3n web de Cisco Evolved Programmable Network Manager (EPNM) y Cisco Prime Infrastructure podr\u00eda permitir que un atacante remoto autenticado realice un ataque de cross-site scripting (XSS) almacenado contra los usuarios de la interfaz de un sistema afectado. La vulnerabilidad existe porque la interfaz de administraci\u00f3n web no valida correctamente la informaci\u00f3n proporcionada por el usuario. Un atacante podr\u00eda explotar esta vulnerabilidad insertando c\u00f3digo malicioso en campos de datos espec\u00edficos de la interfaz. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante ejecutar c\u00f3digo de script arbitrario en el contexto de la interfaz afectada o acceder a informaci\u00f3n confidencial del navegador. Para explotar esta vulnerabilidad, el atacante debe tener credenciales administrativas v\u00e1lidas. {{value}} [\"%7b%7bvalue%7d%7d\"])}]]"
}
],
"id": "CVE-2025-20203",
"lastModified": "2025-08-01T16:56:36.167",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7,
"source": "psirt@cisco.com",
"type": "Primary"
}
]
},
"published": "2025-04-02T17:15:43.700",
"references": [
{
"source": "psirt@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-epnmpi-sxss-GSScPGY4"
}
],
"sourceIdentifier": "psirt@cisco.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "psirt@cisco.com",
"type": "Primary"
}
]
}
FKIE_CVE-2025-20120
Vulnerability from fkie_nvd - Published: 2025-04-02 17:15 - Updated: 2025-08-06 15:25
Severity ?
Summary
A vulnerability in the web-based management interface of Cisco Evolved Programmable Network Manager (EPNM) and Cisco Prime Infrastructure could allow an unauthenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface on an affected device.
This vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of an affected system. An attacker could exploit this vulnerability by injecting malicious code into specific pages of the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "64393984-EE5D-4EDD-B409-D5D09DA8933C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:2.0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "F77EAEEB-21B8-4E72-9129-782DF30E4624",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:2.0.39:*:*:*:*:*:*:*",
"matchCriteriaId": "C92892CA-CBEA-40AA-9255-69CD85813592",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "867EA718-9DDD-4218-8A65-C637458CB457",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:2.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7678B118-E00C-4B1E-8B40-D3233DE3615C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:2.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5EADD53A-CCEA-44B3-B825-8311CBD2C088",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:2.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "26172E3A-1963-4D1B-B0D2-D3323448CF0B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:2.1.56:*:*:*:*:*:*:*",
"matchCriteriaId": "B9E5B368-C2FF-402F-B636-51F4D74C218D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "56394A07-6D74-4588-8C05-DE04959F7FC7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:2.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7785C295-46BA-4803-9CDE-7838931DACBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:2.2.1:-:*:*:*:*:*:*",
"matchCriteriaId": "CAB27D0C-8530-4672-82E3-9765E17EE60B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:2.2.1:update01:*:*:*:*:*:*",
"matchCriteriaId": "ABC8CDDF-FCBA-4795-A65D-11A64E846647",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:2.2.2:-:*:*:*:*:*:*",
"matchCriteriaId": "D1C9FD43-FA29-457C-AEE5-298B32D52733",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:2.2.2:update03:*:*:*:*:*:*",
"matchCriteriaId": "4634820E-5D21-4A8A-AA53-9F2D55E8D84D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:2.2.2:update04:*:*:*:*:*:*",
"matchCriteriaId": "EFDE4B1F-4B66-4121-AB09-23DD7693A685",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:2.2.3:-:*:*:*:*:*:*",
"matchCriteriaId": "0CB4B2E5-BC01-4B0B-9DDF-1AC1F80485D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:2.2.3:update02:*:*:*:*:*:*",
"matchCriteriaId": "FD6DE143-92B8-494D-9AD7-26DE51594A15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:2.2.3:update03:*:*:*:*:*:*",
"matchCriteriaId": "2460BCA0-DC63-44DF-8487-398AADCD6E21",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:2.2.3:update04:*:*:*:*:*:*",
"matchCriteriaId": "6576E2D3-108E-4A97-9B6D-2414126A771B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:2.2.3:update05:*:*:*:*:*:*",
"matchCriteriaId": "E63ED095-1E50-4194-9289-24D2E91D040C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:2.2.3:update06:*:*:*:*:*:*",
"matchCriteriaId": "B3FABE9E-AF4D-4526-A709-69AA7ED349CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:2.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "54D9E3FB-AD79-498D-918A-7C97BA1DD492",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:2.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "0B7C8E1B-A85D-4EFC-9886-F984E2A7A4E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:2.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "8559E064-93BC-4B54-BBF1-AE3A4B236B83",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:2.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "ACA6E2EC-F10C-43D1-BCF2-C040D7F1B305",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:2.2.9:*:*:*:*:*:*:*",
"matchCriteriaId": "8EF98F43-771F-41A3-8F7A-13076D602A36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:2.2.10:*:*:*:*:*:*:*",
"matchCriteriaId": "54E6140D-C998-4443-84AB-4F4ADC4B72B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F0FFBC94-50A0-4257-A2E4-4D2F45972706",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B02E716A-9A50-4DF3-8245-655E339F633C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E6A12E50-6F9B-46CF-9F3F-4E234CB61476",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "47E34F81-BBDF-4294-9F51-5C9B6B475A75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "27FCE53D-43B6-41A3-B374-3EA2F6B14C63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "56D96F2E-D32A-458A-B221-3CF68BA2FB39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "7124F999-450D-479F-9F9B-C566A611318F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "CAA816E0-7306-4254-B744-C595A0E0EC8F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.1:device_pack10:*:*:*:*:*:*",
"matchCriteriaId": "EA0E0381-2EC4-4B77-9279-A4A50E0FBF9C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.1:device_pack11:*:*:*:*:*:*",
"matchCriteriaId": "3FA02B4C-5915-4253-8447-995FE3878F4E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.1:device_pack12:*:*:*:*:*:*",
"matchCriteriaId": "06E572CF-2CF4-4F09-AA16-C936E9AFA192",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.1:device_pack13:*:*:*:*:*:*",
"matchCriteriaId": "5C0D6B9A-B1A9-4E50-BFD7-84F9AA1A7F8F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.1:device_pack14:*:*:*:*:*:*",
"matchCriteriaId": "C1D1E78E-C4A6-47E4-9540-8DA606972D1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.1:device_pack15:*:*:*:*:*:*",
"matchCriteriaId": "81EA7914-211B-46C2-92EA-F982FFCFE9D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.1:device_pack16:*:*:*:*:*:*",
"matchCriteriaId": "5BA99BE2-3679-43CF-98EE-8206491AFD64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.1:device_pack4:*:*:*:*:*:*",
"matchCriteriaId": "C35E075A-784E-43F8-86FA-AA05E589A5E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.1:device_pack5:*:*:*:*:*:*",
"matchCriteriaId": "A2A5986F-0ECD-4522-972D-0A19AC34E449",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.1:device_pack6:*:*:*:*:*:*",
"matchCriteriaId": "98CDAF8A-3D4F-458C-965E-104E3A46BDFA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.1:device_pack7:*:*:*:*:*:*",
"matchCriteriaId": "1938AB2B-2F6B-4493-8789-3319A8956BCC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.1:device_pack8:*:*:*:*:*:*",
"matchCriteriaId": "CE0FFCC7-E364-4B24-ABC2-F5AE1B168C86",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.1:device_pack9:*:*:*:*:*:*",
"matchCriteriaId": "FA9AD8F9-D8D8-43C4-8D5A-D4164E3BE112",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4185137A-20E6-48EB-8E77-077F2A59AB27",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "BBD9A93C-FE79-4323-BBF1-F9B2CD559570",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4B35B1DC-B09B-4901-A09E-3DC9A3D72FC2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D41817A2-8B83-48E8-AEA6-33488BA55B7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "BC9D0F39-43DA-40EF-AFC7-A1D97304ED38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "DD2DE754-6638-415C-AE38-567D4465747A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "EF85F2F6-6C5F-4707-9BB7-AE8565D17238",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "79E64F9D-E85F-497F-8D2A-DC04DC89CB7E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7072B5B6-EA73-42D3-BC91-2068780D9C6D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.2:device_pack1:*:*:*:*:*:*",
"matchCriteriaId": "8C766DB5-4EDB-4FD4-A098-6CC6FEEF84A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.2:device_pack2:*:*:*:*:*:*",
"matchCriteriaId": "4D65342D-2534-497E-B6BE-6ACBDF0CB8E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.2:device_pack3:*:*:*:*:*:*",
"matchCriteriaId": "A1E60B96-5AB6-43E6-A1A7-C1C1817E54B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.2:device_pack4:*:*:*:*:*:*",
"matchCriteriaId": "644B3480-97D0-439F-8666-E28626542B15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.2.0-fips:*:*:*:*:*:*:*",
"matchCriteriaId": "7DDB2BBF-DA7D-4DCD-9997-564F0FACFC71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "89963594-03CA-412A-A03C-A88480364EDA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1F868D71-1E81-4A67-854C-8C98AD4A0D3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.3:device_pack1:*:*:*:*:*:*",
"matchCriteriaId": "48BA374B-1CB7-4366-A56A-67401AA44D4F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.3:device_pack2:*:*:*:*:*:*",
"matchCriteriaId": "45BC31AB-146B-4B14-B28F-FBCBAC4A30C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.3:device_pack3:*:*:*:*:*:*",
"matchCriteriaId": "0F0670D9-89F8-4595-B7BD-E50BBCEAF41C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.3:device_pack4:*:*:*:*:*:*",
"matchCriteriaId": "CAC83DB6-FA40-4840-BA1E-AD49E0FE1266",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.3.0:-:*:*:*:*:*:*",
"matchCriteriaId": "86044D17-2855-4C60-8E29-73F65A0ECC54",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.3.0:update01:*:*:*:*:*:*",
"matchCriteriaId": "C68C71CF-A076-4D69-BF6C-C362B6E448E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "39804A21-0999-4E14-8F9D-9F7FD1073B79",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.4:device_pack1:*:*:*:*:*:*",
"matchCriteriaId": "C8E3FAB1-B6B4-4190-BD2B-F0187B836B95",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.4:device_pack10:*:*:*:*:*:*",
"matchCriteriaId": "158E229F-F867-42A7-8324-4C6476858F68",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.4:device_pack11:*:*:*:*:*:*",
"matchCriteriaId": "E29F5A37-9AE0-4723-A5F8-8CBCDDE84D63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.4:device_pack2:*:*:*:*:*:*",
"matchCriteriaId": "6555C79F-4E72-4F9A-BDE4-9B7D911D533F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.4:device_pack3:*:*:*:*:*:*",
"matchCriteriaId": "201AB5ED-75D3-4955-A5BB-CEB4B1AF5A6B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.4:device_pack4:*:*:*:*:*:*",
"matchCriteriaId": "997BDD6A-1615-46B0-8157-73B7B679BD46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.4:device_pack5:*:*:*:*:*:*",
"matchCriteriaId": "2AC8FE53-D41F-41A2-9F14-661066B98C11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.4:device_pack6:*:*:*:*:*:*",
"matchCriteriaId": "47485BFB-3A08-492E-8DA2-33AEEBA4EA30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.4:device_pack7:*:*:*:*:*:*",
"matchCriteriaId": "E37B1B4A-3151-410D-B7FE-470B7671DAC2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.4:device_pack8:*:*:*:*:*:*",
"matchCriteriaId": "26CB9171-B5E9-47F2-8B53-5CF8A27457B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.4:device_pack9:*:*:*:*:*:*",
"matchCriteriaId": "0DD9243A-95AB-4F6C-BBF1-FDA7D6D3B873",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FDE385F7-C743-4BF0-BA6F-DB335E791912",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.4.1:-:*:*:*:*:*:*",
"matchCriteriaId": "A90E72A0-0E08-4C82-A60A-4EFB8CAB318A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.4.1:update01:*:*:*:*:*:*",
"matchCriteriaId": "2CC00B0F-3523-4F4A-B161-AAF1801A3774",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.4.1:update02:*:*:*:*:*:*",
"matchCriteriaId": "519CBBDE-52E0-4298-A9AC-D1128418FF2C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.4.2:-:*:*:*:*:*:*",
"matchCriteriaId": "B17FBF2F-FCE4-4D1E-BD21-5CD048DEFF2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.4.2:update01:*:*:*:*:*:*",
"matchCriteriaId": "2E40D55B-F582-45C5-996B-2AFC0E69E96B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.5:device_pack1:*:*:*:*:*:*",
"matchCriteriaId": "C7D036FB-69EC-40EE-8DDD-A4E066AFDD50",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.5:device_pack2:*:*:*:*:*:*",
"matchCriteriaId": "ECDD0096-0280-4F07-9EE9-C01322F117D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.5:device_pack3:*:*:*:*:*:*",
"matchCriteriaId": "31636942-878E-4A89-8F96-AC607284EE36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.5:device_pack4:*:*:*:*:*:*",
"matchCriteriaId": "582B81B5-2C6B-4B0E-86DC-6FA3B1605E56",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.5.0:-:*:*:*:*:*:*",
"matchCriteriaId": "D68AC23D-4212-48F8-8894-DA0233A2BD6B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.5.0:update01:*:*:*:*:*:*",
"matchCriteriaId": "4AEF56A6-21AA-4BF1-BE3F-113DABD76B00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.5.0:update02:*:*:*:*:*:*",
"matchCriteriaId": "22B1A35F-C510-4CC2-89A1-8DD68EC33A74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.5.0:update03:*:*:*:*:*:*",
"matchCriteriaId": "8B6317B8-8B5C-4B4A-9ED6-F66E161C6196",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.5.1:-:*:*:*:*:*:*",
"matchCriteriaId": "B42BA02D-F4DE-49E0-AFA2-1D4C9A478611",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.5.1:update01:*:*:*:*:*:*",
"matchCriteriaId": "77635D04-25B1-46A8-9B59-82A77C251574",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.5.1:update02:*:*:*:*:*:*",
"matchCriteriaId": "01F4CF5B-AF03-4F88-BE46-819FC377657F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.5.1:update03:*:*:*:*:*:*",
"matchCriteriaId": "B902E76C-8444-4E39-8A99-2FC3D4B28919",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.6:device_pack1*:*:*:*:*:*:*",
"matchCriteriaId": "4B634CBF-5F06-41FE-87F0-317E2A01A5FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.6.0:-:*:*:*:*:*:*",
"matchCriteriaId": "B7C53970-9365-41A4-AAAD-1147AFBD1FC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.6.0:update01:*:*:*:*:*:*",
"matchCriteriaId": "9C9E8642-8B10-47E2-8225-CD11B5F16B6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.6.0:update02:*:*:*:*:*:*",
"matchCriteriaId": "AEC112A1-9AF9-41EA-A7EF-EE3720D98254",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.6.0:update03:*:*:*:*:*:*",
"matchCriteriaId": "5E029C00-8244-403A-95DC-57DFEF38AA97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.6.0:update04:*:*:*:*:*:*",
"matchCriteriaId": "ADBE4F87-EEF0-4ABD-B09C-DF2E77CBF96E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.7:device_pack1:*:*:*:*:*:*",
"matchCriteriaId": "D0E3BCC4-F7A5-42F8-BAFF-245A279D8B1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.7:device_pack2:*:*:*:*:*:*",
"matchCriteriaId": "B5092589-2C56-4E6E-8A5A-343C4A9A9727",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.7.0:-:*:*:*:*:*:*",
"matchCriteriaId": "B924D456-55B2-4743-B243-5BCBAA0F561C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.7.0:update03:*:*:*:*:*:*",
"matchCriteriaId": "B0C94ABC-46A6-44DD-A793-82D2F4385BAA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.7.1:-:*:*:*:*:*:*",
"matchCriteriaId": "CDE92A73-E7D6-4DA7-8647-837E03241B4E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.7.1:update01:*:*:*:*:*:*",
"matchCriteriaId": "9BAFBA6A-EA82-498B-975A-9460BB36F179",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.7.1:update02:*:*:*:*:*:*",
"matchCriteriaId": "7411C94F-FACE-4FD0-9123-6DCB2D80BF46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.7.1:update03:*:*:*:*:*:*",
"matchCriteriaId": "36DE6B49-E5C7-455A-9B37-E14A967CC8A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.7.1:update04:*:*:*:*:*:*",
"matchCriteriaId": "B13AD86C-A307-4C11-9DD0-74B9B1D7197D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.7.1:update05:*:*:*:*:*:*",
"matchCriteriaId": "EBBED7A4-D480-4B07-83E0-45FEF49DBF43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.7.1:update06:*:*:*:*:*:*",
"matchCriteriaId": "D1CDA1D0-17B2-45D3-B047-43FF2637E367",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.7.1:update07:*:*:*:*:*:*",
"matchCriteriaId": "42287B1C-224A-478C-A484-F03F68ED0F0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.8:device_pack1:*:*:*:*:*:*",
"matchCriteriaId": "C0162245-9B36-446A-986C-7D29E94BF46C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.8.0:-:*:*:*:*:*:*",
"matchCriteriaId": "B88DD47B-C413-4104-AC86-A00E2CE7B785",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.8.0:update01:*:*:*:*:*:*",
"matchCriteriaId": "D625630E-1F36-46BA-BCCA-AF5DBAE5383D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.8.0:update02:*:*:*:*:*:*",
"matchCriteriaId": "3792F396-CFBB-4EC4-B2AB-A46ED25B34B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.8.1:-:*:*:*:*:*:*",
"matchCriteriaId": "608240CD-CD6C-42A3-9590-7F37B35EDC53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.8.1:update01:*:*:*:*:*:*",
"matchCriteriaId": "A943CAA9-53DF-4E95-B2EE-DD4CBA80F3ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.8.1:update02:*:*:*:*:*:*",
"matchCriteriaId": "0FD2F936-8848-4F90-A6C3-26EFD5262B8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.8.1:update03:*:*:*:*:*:*",
"matchCriteriaId": "599350C2-9BEB-456E-B485-F98EBD20A38A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.8.1:update04:*:*:*:*:*:*",
"matchCriteriaId": "1BBB2C8B-2353-4F5C-B87A-9C919874DAD9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.9:device_pack1:*:*:*:*:*:*",
"matchCriteriaId": "A8CF95CB-5A0D-4CD1-9179-62370D1B2CE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.9.0:-:*:*:*:*:*:*",
"matchCriteriaId": "65424DB3-01B9-4E06-97ED-65F7E20A6A2A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.9.0:update01:*:*:*:*:*:*",
"matchCriteriaId": "033DFCA4-7CEA-473F-9C6F-36D9D7271D15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.9.1:-:*:*:*:*:*:*",
"matchCriteriaId": "EA458C15-66E7-4976-8805-A10608BF7C9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.9.1:update01:*:*:*:*:*:*",
"matchCriteriaId": "A691B1FC-75E6-47E9-8C3F-25CDCFDE2C68",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.9.1:update02:*:*:*:*:*:*",
"matchCriteriaId": "92F7EDFF-4D52-4436-A207-D3D350E3A282",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.9.1:update03:*:*:*:*:*:*",
"matchCriteriaId": "DD08F6B6-11A9-4DFD-A883-7F7CF8788594",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.9.1:update04:*:*:*:*:*:*",
"matchCriteriaId": "EA402B08-1F79-4B61-A8CD-CBA082FAF2A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.10:device_pack1:*:*:*:*:*:*",
"matchCriteriaId": "A432C185-0016-4047-A377-5F4BDCECC2F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.10:update01:*:*:*:*:*:*",
"matchCriteriaId": "E6F5C15A-061F-4260-AC1F-AFCED6ECEEDB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6D1B2DCE-C1B6-4186-8067-6979ADD16467",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "87FCE452-921D-4404-9FA3-135A957F32CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.10.2:*:*:*:*:*:*:*",
"matchCriteriaId": "594DC226-FE9F-46F3-AECE-0F2FE06CDC18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.10.3:*:*:*:*:*:*:*",
"matchCriteriaId": "46E52EE9-7B3F-4F82-8411-089DA8B1FD4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.10.4:-:*:*:*:*:*:*",
"matchCriteriaId": "8E76E81B-A235-4A19-AAE4-319CB7840673",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.10.4:update01:*:*:*:*:*:*",
"matchCriteriaId": "DC554CB1-9112-43B5-A279-5EC110698A3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.10.4:update02:*:*:*:*:*:*",
"matchCriteriaId": "10E7FC9C-EB9C-45D1-AA8F-FC3F4A153C2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.10.4:update03:*:*:*:*:*:*",
"matchCriteriaId": "E3A13607-DB2A-4BCD-877A-6EEDCDDB5404",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.10.5:*:*:*:*:*:*:*",
"matchCriteriaId": "497C3D07-43EB-4919-A902-A650EDE4BEBB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.10.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B1D092AD-F53B-4FC3-9CB8-664F0E0C2D1A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "56AFA6AB-2E75-4DFD-9C89-3050E7328C47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:1.2.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DE9C14F6-310E-4B7D-8F97-898C494E7864",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:1.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "98DB8EC6-AAF4-452F-A291-B7890CD9B0EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:1.2.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "6844EAA6-744F-4F03-BF01-26B17C968D9C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:1.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "A46F350A-5DA5-4DD4-8E49-25D5CC8BF8F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:1.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "FAB9FD11-B85C-42E1-8292-4DCF383A76C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:1.2.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "8F9BB770-15ED-4CAA-84BB-3E547FA73936",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:1.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "A5EACE74-3F09-41B8-B488-CD3283AB469B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:1.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "F8AEDEC5-FC70-4BB0-B513-1C3ED72ED188",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:1.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "2F7858DF-D3EE-4E8C-BBF8-12ACB1026982",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E318D077-AEB7-42B3-B8CE-FE8D70BF992A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CEECECA7-6D23-4417-BA1C-15CE700FBBF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:2.0.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9FA18342-A0FB-4ACB-87B1-33DB499F41D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "81133BED-E0E0-4AF8-B7CA-EAF15A92BDC3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:2.0.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B844F015-66F3-43E2-8FC8-E5F1AA6FFD73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "70DA07D0-C300-4B41-9FF6-5A4D0A3AF2CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "27DF884D-4DDB-497E-B6BA-207FF56F7745",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:2.0.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0E38F863-F537-4829-B984-69517AEA96E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:2.0.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2FD561E5-4C42-473A-AF4D-EB0B4E702E0E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B23C2726-E0A7-4791-92E7-F11C239A2D40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:2.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "776F5F18-2510-4A3E-8A21-69BAB385265A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:2.1.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AAB5C7E5-A652-4D4C-83C3-151BF4E9B829",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:2.1.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "52F2C75C-C4B0-4738-B41A-CA0270483955",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:2.1.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D9820AE3-1248-4426-84D4-EB346736FEBF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:2.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "89D6472B-206B-456D-8D91-CA630B2E1835",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:2.1.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A60AF22A-92DF-4FBC-B5B4-8C670420DB65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:2.1.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "0A0D4CEA-A280-48B0-B485-77B9F451CB48",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:2.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D96EB248-D1B4-4273-8B92-AAD53CA3B6DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:2.1.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F9CEA1C0-6A77-4DAC-A91D-6F41E9D87C49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:2.1.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "098002C5-97F7-4075-B2B1-9E70FD05825F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:2.1.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "7AAD566A-BBAE-4F6E-A82B-F571FC105818",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:2.1.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "DA497EE7-95DB-48A1-A160-EEE8E8C02DAA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:2.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "660C43C3-48A9-4330-BBF2-951F2227B852",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "AD5A875D-8178-46B1-BC30-7D30FBBE57F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:2.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8B80B160-8A87-4611-9309-1B51F972BBEF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:2.2.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5E6B8A96-1A84-4406-9158-94D35DF2163C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:2.2.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9F347336-4D4D-460C-8D3A-26265F52988F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:2.2.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "370519A8-8026-4D88-B29B-573F486DF584",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:2.2.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "C5560362-925E-4777-8716-1FCE8E5D984C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:2.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C0491DDC-9A4F-4C5C-B9C6-681E519CDE20",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:2.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "99C1188F-2D14-4B97-AFF7-A0608CB99376",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:2.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "794C923F-D62B-4DA5-9067-342E90AE03C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1A935862-18F7-45FE-B647-1A9BA454E304",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B8B61414-736F-4238-95BC-B19A58CA27A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:3.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5666901E-4537-4378-BA8A-A37B6893EB39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:3.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "48900C79-AA7A-41D1-89BF-E6E2D3B57B7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "69594997-2568-4C10-A411-69A50BFD175F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0F782F5B-5EF6-4618-87D0-B7371918AC55",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:3.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "EC5DAF31-1FC6-4A0F-957B-0383FD9DA294",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:3.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "50B60082-790B-41B1-B5C3-78378B1FF170",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1EC39E2D-C47B-4311-BC7B-130D432549F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "32EF3AA6-8F93-4D97-9177-B05BD6132C00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2C7885D8-CEC4-4E5F-9911-7ACF645B80E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "A8C86EE9-9CE6-4C50-BF60-3CFD22E4C4DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:4.0.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7DED9D22-7764-448A-9F7D-DB950B1D95A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EE5E6CBE-D82C-4001-87CB-73DF526F0AB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:4.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2CBD14FB-DB01-4065-AE4B-EECB858F59C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:4.1.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E4E6D5B7-AA57-47E0-B208-08AB4AC3041C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:4.1.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E7FC2F8B-AE92-4A6F-A7DB-327F6114BD16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "460E6456-0E51-45BC-868E-DEEA5E3CD366",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "43D509F6-8AF3-4CEE-A895-F7C1240E81CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "FA9167E9-192F-43B6-95E1-B93D74CBAA55",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:5.0.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "ABF50BFC-66A0-4EA7-869F-B5805D82999B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:5.0.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "16B06061-139E-45E9-93DA-1F45E11F57CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:5.0.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3C0ACAAD-8400-4360-8B45-CE24EABBDD2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:5.0.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "891EE1AA-951E-4DE7-ACAE-110A62FB0D4F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:5.0.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "0F543C76-AF44-4FB2-ADE0-B5A077F118D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:5.0.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "AC517987-F5C2-4158-988A-36E86662028C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F7F58659-A318-42A0-83C5-8F09FCD78982",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:5.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "71136B64-8BA2-451B-AABD-BF0658E3C571",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:5.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C1B673A8-DFF1-4088-9367-6EE79E5ACE4C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:5.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5EE4B2BD-3551-44D5-BC69-2608DE6FE499",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:5.1.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B2A194A3-6F1C-4A9F-89E7-3B27CAAC93B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:5.1.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9C65FB27-E881-418A-8CAF-E0760C55FC42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:5.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "E5323F5F-0D26-41DA-B37A-790B036B5233",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:5.1.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "14726D39-6480-44B7-911A-7CF49987CE98",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:5.1.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4609ADFF-221D-4DD5-A7BA-EA29CECE5CBC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:5.1.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "4B81A9D2-33C2-4331-B98C-15B0AE400873",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:5.1.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "FD4E5000-37BD-484D-8DC2-7728CA5AB531",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:6.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FC07C2BB-5D71-47B6-96F1-FD1343AD72E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3C35B0A0-BCCE-44F0-830B-D927797DFEF9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:6.0.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "ED874BF9-2384-4EF4-BE82-9A90F5A4C8D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6A3600AB-AF4E-402E-B9D6-74852C42D04A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:6.0.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9F366853-DDBE-4AA1-94F3-BD906C321A79",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:6.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "85EF2166-E513-4677-83D9-3B3330B54115",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:6.0.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "41D7C144-3041-43FD-A451-7650900FAC39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6FAB236C-867E-488D-8718-7B7EC112E3F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:6.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "173A7696-84F1-4682-BD08-504935787ACB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:6.1.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1B76D780-B0E7-4CF4-90AF-34A3E4F2D99C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:6.1.1.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "91D93C24-B7B7-4047-A398-081F95735265",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:6.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "0BFB6F03-FD41-41B7-B8EE-7A05046081EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:6.1.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "027F461C-78DB-4BF1-86D2-D8585B647053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:6.1.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C336F493-CE87-40ED-8263-9A447A2F88F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:7.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "718F8440-7128-404A-B91F-681E289FAECB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:7.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "42E2FAB6-3F96-4100-97FC-5CE8B7C3EA3D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:7.0.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "DF7A4BD6-46FB-4E19-8BE4-83AF4CD626B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:7.0.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "FDDFE457-8B02-423E-9B63-612203FD3596",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:7.0.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3AEC4CB6-0594-4A89-9663-6127A6F21057",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:7.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A39D2875-1A2A-462B-8D3B-456796C07E70",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:7.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4E5F9E22-3D34-4755-867A-670ABC10442E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:7.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "EDEBF248-B895-4915-940F-40A667C2DDC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:7.1.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CDDC238A-1A00-48B8-9C51-F51070159E2C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:7.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "E1910423-E75A-4CB7-8392-91EBFF302049",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco Evolved Programmable Network Manager (EPNM) and Cisco Prime Infrastructure could allow an unauthenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface on an affected device.\r\n\r This vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of an affected system. An attacker could exploit this vulnerability by injecting malicious code into specific pages of the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la interfaz de administraci\u00f3n web de Cisco Evolved Programmable Network Manager (EPNM) y Cisco Prime Infrastructure podr\u00eda permitir que un atacante remoto no autenticado realice un ataque de cross-site scripting (XSS) almacenado contra un usuario de la interfaz en un dispositivo afectado. Esta vulnerabilidad se debe a una validaci\u00f3n insuficiente de la informaci\u00f3n proporcionada por el usuario por la interfaz de administraci\u00f3n web de un sistema afectado. Un atacante podr\u00eda explotar esta vulnerabilidad inyectando c\u00f3digo malicioso en p\u00e1ginas espec\u00edficas de la interfaz. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante ejecutar c\u00f3digo arbitrario en el contexto de la interfaz afectada o acceder a informaci\u00f3n confidencial del navegador."
}
],
"id": "CVE-2025-20120",
"lastModified": "2025-08-06T15:25:47.920",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "psirt@cisco.com",
"type": "Primary"
}
]
},
"published": "2025-04-02T17:15:42.570",
"references": [
{
"source": "psirt@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-epnmpi-sxss-GSScPGY4"
}
],
"sourceIdentifier": "psirt@cisco.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "psirt@cisco.com",
"type": "Primary"
}
]
}
FKIE_CVE-2022-20656
Vulnerability from fkie_nvd - Published: 2024-11-15 16:15 - Updated: 2025-07-31 15:05
Severity ?
Summary
A vulnerability in the web-based management interface of Cisco PI and Cisco EPNM could allow an authenticated, remote attacker to conduct a path traversal attack on an affected device. To exploit this vulnerability, the attacker must have valid credentials on the system.
This vulnerability is due to insufficient input validation of the HTTPS URL by the web-based management interface. An attacker could exploit this vulnerability by sending a crafted request that contains directory traversal character sequences to an affected device. A successful exploit could allow the attacker to write arbitrary files to the host system.
Cisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "64393984-EE5D-4EDD-B409-D5D09DA8933C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "867EA718-9DDD-4218-8A65-C637458CB457",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "56394A07-6D74-4588-8C05-DE04959F7FC7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F0FFBC94-50A0-4257-A2E4-4D2F45972706",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4185137A-20E6-48EB-8E77-077F2A59AB27",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "DD2DE754-6638-415C-AE38-567D4465747A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7072B5B6-EA73-42D3-BC91-2068780D9C6D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.2.0-fips:*:*:*:*:*:*:*",
"matchCriteriaId": "7DDB2BBF-DA7D-4DCD-9997-564F0FACFC71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "94CEFFFC-6C07-4685-AB75-4AA13D65490E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FDE385F7-C743-4BF0-BA6F-DB335E791912",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D523AB04-9C0B-470D-AC6C-71086D0478C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "646772C6-0E35-4C25-AC42-3BD52532759A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "048584F1-E404-41D8-A715-7862B301B411",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "208F409E-4B46-4557-A63F-8EC4BBF297E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "14F3DA62-CAAC-48A1-8C32-1F19B756340B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D524B688-7CF9-4FA1-B04F-015F1707DA69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "56AFA6AB-2E75-4DFD-9C89-3050E7328C47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E318D077-AEB7-42B3-B8CE-FE8D70BF992A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B23C2726-E0A7-4791-92E7-F11C239A2D40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "AD5A875D-8178-46B1-BC30-7D30FBBE57F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1A935862-18F7-45FE-B647-1A9BA454E304",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B8B61414-736F-4238-95BC-B19A58CA27A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:3.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5666901E-4537-4378-BA8A-A37B6893EB39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:3.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "48900C79-AA7A-41D1-89BF-E6E2D3B57B7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "69594997-2568-4C10-A411-69A50BFD175F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0F782F5B-5EF6-4618-87D0-B7371918AC55",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:3.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "EC5DAF31-1FC6-4A0F-957B-0383FD9DA294",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:3.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "50B60082-790B-41B1-B5C3-78378B1FF170",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1EC39E2D-C47B-4311-BC7B-130D432549F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "32EF3AA6-8F93-4D97-9177-B05BD6132C00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2C7885D8-CEC4-4E5F-9911-7ACF645B80E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "A8C86EE9-9CE6-4C50-BF60-3CFD22E4C4DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EE5E6CBE-D82C-4001-87CB-73DF526F0AB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:4.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2CBD14FB-DB01-4065-AE4B-EECB858F59C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "460E6456-0E51-45BC-868E-DEEA5E3CD366",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "43D509F6-8AF3-4CEE-A895-F7C1240E81CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "FA9167E9-192F-43B6-95E1-B93D74CBAA55",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F7F58659-A318-42A0-83C5-8F09FCD78982",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:5.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "71136B64-8BA2-451B-AABD-BF0658E3C571",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:5.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C1B673A8-DFF1-4088-9367-6EE79E5ACE4C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco\u0026nbsp;PI and Cisco\u0026nbsp;EPNM could allow an authenticated, remote attacker to conduct a path traversal attack on an affected device. To exploit this vulnerability, the attacker must have valid credentials on the system.\r\n\r\nThis vulnerability is due to insufficient input validation of the HTTPS URL by the web-based management interface. An attacker could exploit this vulnerability by sending a crafted request that contains directory traversal character sequences to an affected device. A successful exploit could allow the attacker to write arbitrary files to the host system.\r\nCisco\u0026nbsp;has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la interfaz de administraci\u00f3n basada en web de Cisco PI y Cisco EPNM podr\u00eda permitir que un atacante remoto autenticado realice un ataque de path traversal en un dispositivo afectado. Para aprovechar esta vulnerabilidad, el atacante debe tener credenciales v\u00e1lidas en el sistema. Esta vulnerabilidad se debe a una validaci\u00f3n de entrada insuficiente de la URL HTTPS por parte de la interfaz de administraci\u00f3n basada en web. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando una solicitud manipulada que contenga secuencias de caracteres de directory traversal a un dispositivo afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante escribir archivos arbitrarios en el sistema host. Cisco ha publicado actualizaciones de software que solucionan estas vulnerabilidades. No existen workarounds que solucionen estas vulnerabilidades."
}
],
"id": "CVE-2022-20656",
"lastModified": "2025-07-31T15:05:49.280",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "psirt@cisco.com",
"type": "Primary"
}
]
},
"published": "2024-11-15T16:15:21.237",
"references": [
{
"source": "psirt@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-pi-epnm-path-trav-zws324yn"
},
{
"source": "psirt@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sna-xss-NXOxDhRQ"
}
],
"sourceIdentifier": "psirt@cisco.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-24"
}
],
"source": "psirt@cisco.com",
"type": "Primary"
}
]
}
FKIE_CVE-2022-20657
Vulnerability from fkie_nvd - Published: 2024-11-15 16:15 - Updated: 2025-07-31 15:05
Severity ?
Summary
A vulnerability in the web-based management interface of Cisco PI and Cisco EPNM could allow an unauthenticated, remote attacker to conduct an XSS attack against a user of the interface of an affected device.
This vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attacker could exploit this vulnerability by persuading a user of an affected interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information.Cisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "64393984-EE5D-4EDD-B409-D5D09DA8933C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "867EA718-9DDD-4218-8A65-C637458CB457",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "56394A07-6D74-4588-8C05-DE04959F7FC7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F0FFBC94-50A0-4257-A2E4-4D2F45972706",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4185137A-20E6-48EB-8E77-077F2A59AB27",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "DD2DE754-6638-415C-AE38-567D4465747A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7072B5B6-EA73-42D3-BC91-2068780D9C6D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.2.0-fips:*:*:*:*:*:*:*",
"matchCriteriaId": "7DDB2BBF-DA7D-4DCD-9997-564F0FACFC71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "94CEFFFC-6C07-4685-AB75-4AA13D65490E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FDE385F7-C743-4BF0-BA6F-DB335E791912",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D523AB04-9C0B-470D-AC6C-71086D0478C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "646772C6-0E35-4C25-AC42-3BD52532759A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "048584F1-E404-41D8-A715-7862B301B411",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "208F409E-4B46-4557-A63F-8EC4BBF297E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:3.9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "14F3DA62-CAAC-48A1-8C32-1F19B756340B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D524B688-7CF9-4FA1-B04F-015F1707DA69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "56AFA6AB-2E75-4DFD-9C89-3050E7328C47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E318D077-AEB7-42B3-B8CE-FE8D70BF992A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B23C2726-E0A7-4791-92E7-F11C239A2D40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "AD5A875D-8178-46B1-BC30-7D30FBBE57F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1A935862-18F7-45FE-B647-1A9BA454E304",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B8B61414-736F-4238-95BC-B19A58CA27A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:3.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5666901E-4537-4378-BA8A-A37B6893EB39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:3.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "48900C79-AA7A-41D1-89BF-E6E2D3B57B7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "69594997-2568-4C10-A411-69A50BFD175F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0F782F5B-5EF6-4618-87D0-B7371918AC55",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:3.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "EC5DAF31-1FC6-4A0F-957B-0383FD9DA294",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:3.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "50B60082-790B-41B1-B5C3-78378B1FF170",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1EC39E2D-C47B-4311-BC7B-130D432549F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "32EF3AA6-8F93-4D97-9177-B05BD6132C00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2C7885D8-CEC4-4E5F-9911-7ACF645B80E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "A8C86EE9-9CE6-4C50-BF60-3CFD22E4C4DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EE5E6CBE-D82C-4001-87CB-73DF526F0AB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:4.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2CBD14FB-DB01-4065-AE4B-EECB858F59C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "460E6456-0E51-45BC-868E-DEEA5E3CD366",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "43D509F6-8AF3-4CEE-A895-F7C1240E81CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "FA9167E9-192F-43B6-95E1-B93D74CBAA55",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F7F58659-A318-42A0-83C5-8F09FCD78982",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:5.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "71136B64-8BA2-451B-AABD-BF0658E3C571",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:5.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C1B673A8-DFF1-4088-9367-6EE79E5ACE4C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco\u0026nbsp;PI and Cisco\u0026nbsp;EPNM could allow an unauthenticated, remote attacker to conduct an XSS attack against a user of the interface of an affected device.\r\nThis vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attacker could exploit this vulnerability by persuading a user of an affected interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information.Cisco\u0026nbsp;has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la interfaz de administraci\u00f3n basada en web de Cisco PI y Cisco EPNM podr\u00eda permitir que un atacante remoto no autenticado realice un ataque XSS contra un usuario de la interfaz de un dispositivo afectado. Esta vulnerabilidad existe porque la interfaz de administraci\u00f3n basada en web no valida correctamente la entrada proporcionada por el usuario. Un atacante podr\u00eda aprovechar esta vulnerabilidad persuadiendo a un usuario de una interfaz afectada para que haga clic en un v\u00ednculo manipulado. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante ejecutar c\u00f3digo de script arbitrario en el contexto de la interfaz afectada o acceder a informaci\u00f3n confidencial basada en el navegador. Cisco ha publicado actualizaciones de software que solucionan estas vulnerabilidades. No existen workarounds que solucionen estas vulnerabilidades."
}
],
"id": "CVE-2022-20657",
"lastModified": "2025-07-31T15:05:55.940",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "psirt@cisco.com",
"type": "Secondary"
}
]
},
"published": "2024-11-15T16:15:21.473",
"references": [
{
"source": "psirt@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-pi-epnm-path-trav-zws324yn"
}
],
"sourceIdentifier": "psirt@cisco.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "psirt@cisco.com",
"type": "Primary"
}
]
}
FKIE_CVE-2024-20514
Vulnerability from fkie_nvd - Published: 2024-11-06 17:15 - Updated: 2025-07-31 17:09
Severity ?
Summary
A vulnerability in the web-based management interface of Cisco Evolved Programmable Network Manager (EPNM) and Cisco Prime Infrastructure could allow an authenticated, low-privileged, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface.
This vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attacker could exploit this vulnerability by injecting malicious code into a specific page of the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive browser-based information. To exploit this vulnerability, the attacker must have at least a low-privileged account on an affected device.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | evolved_programmable_network_manager | * | |
| cisco | prime_infrastructure | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EE3AC9B2-6C6C-4CEE-8C4A-3BA4566A4370",
"versionEndExcluding": "8.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:prime_infrastructure:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C6DE6377-FFFC-439B-95D0-5EC54C215018",
"versionEndExcluding": "3.10.6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco Evolved Programmable Network Manager (EPNM) and Cisco Prime Infrastructure could allow an authenticated, low-privileged, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface.\r\n\r\nThis vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attacker could exploit this vulnerability by injecting malicious code into a specific page of the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive browser-based information. To exploit this vulnerability, the attacker must have at least a low-privileged account on an affected device."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la interfaz de administraci\u00f3n basada en web de Cisco Evolved Programmable Network Manager (EPNM) y Cisco Prime Infrastructure podr\u00eda permitir que un atacante remoto autenticado y con pocos privilegios realice un ataque de cross-site scripting (XSS) almacenado contra un usuario de la interfaz. Esta vulnerabilidad existe porque la interfaz de administraci\u00f3n basada en web no valida correctamente la entrada proporcionada por el usuario. Un atacante podr\u00eda aprovechar esta vulnerabilidad inyectando c\u00f3digo malicioso en una p\u00e1gina espec\u00edfica de la interfaz. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante ejecutar c\u00f3digo de secuencia de comandos arbitrario en el contexto de la interfaz afectada o acceder a informaci\u00f3n confidencial basada en el navegador. Para aprovechar esta vulnerabilidad, el atacante debe tener al menos una cuenta con pocos privilegios en un dispositivo afectado."
}
],
"id": "CVE-2024-20514",
"lastModified": "2025-07-31T17:09:05.310",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7,
"source": "psirt@cisco.com",
"type": "Secondary"
}
]
},
"published": "2024-11-06T17:15:16.687",
"references": [
{
"source": "psirt@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-epnmpi-sxss-yyf2zkXs"
}
],
"sourceIdentifier": "psirt@cisco.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "psirt@cisco.com",
"type": "Primary"
}
]
}
CVE-2025-20280 (GCVE-0-2025-20280)
Vulnerability from cvelistv5 – Published: 2025-09-03 17:40 – Updated: 2025-09-03 17:58
VLAI?
Summary
A vulnerability in the web-based management interface of Cisco Evolved Programmable Network Manager (EPNM) and Cisco Prime Infrastructure could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against users of the interface of an affected system.
This vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attacker could exploit this vulnerability by inserting malicious code into specific data fields in the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. To exploit this vulnerability, an attacker must have valid administrative credentials.
Severity ?
4.8 (Medium)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Cisco | Cisco Evolved Programmable Network Manager (EPNM) |
Affected:
8.0.0
Affected: 8.0.0.1 |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-20280",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-03T17:58:29.898997Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-03T17:58:33.904Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco Evolved Programmable Network Manager (EPNM)",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "8.0.0"
},
{
"status": "affected",
"version": "8.0.0.1"
}
]
},
{
"defaultStatus": "unknown",
"product": "Cisco Prime Infrastructure",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "3.0.0"
},
{
"status": "affected",
"version": "3.1.0"
},
{
"status": "affected",
"version": "3.1.5"
},
{
"status": "affected",
"version": "3.6.0"
},
{
"status": "affected",
"version": "3.7.0"
},
{
"status": "affected",
"version": "3.4.0"
},
{
"status": "affected",
"version": "3.3.0"
},
{
"status": "affected",
"version": "3.2"
},
{
"status": "affected",
"version": "3.5.0"
},
{
"status": "affected",
"version": "3.2.0-FIPS"
},
{
"status": "affected",
"version": "3.8.0-FED"
},
{
"status": "affected",
"version": "3.9.0"
},
{
"status": "affected",
"version": "3.8.0"
},
{
"status": "affected",
"version": "3.10.0"
},
{
"status": "affected",
"version": "3.1.1"
},
{
"status": "affected",
"version": "3.0.2"
},
{
"status": "affected",
"version": "3.0.3"
},
{
"status": "affected",
"version": "3.0.1"
},
{
"status": "affected",
"version": "3.8.1"
},
{
"status": "affected",
"version": "3.7.1"
},
{
"status": "affected",
"version": "3.5.1"
},
{
"status": "affected",
"version": "3.4.2"
},
{
"status": "affected",
"version": "3.3.1"
},
{
"status": "affected",
"version": "3.1.7"
},
{
"status": "affected",
"version": "3.2.1"
},
{
"status": "affected",
"version": "3.2.2"
},
{
"status": "affected",
"version": "3.1.6"
},
{
"status": "affected",
"version": "3.1.2"
},
{
"status": "affected",
"version": "3.4.1"
},
{
"status": "affected",
"version": "3.1.3"
},
{
"status": "affected",
"version": "3.1.4"
},
{
"status": "affected",
"version": "3.0.6"
},
{
"status": "affected",
"version": "3.0.4"
},
{
"status": "affected",
"version": "3.0.5"
},
{
"status": "affected",
"version": "3.0.7"
},
{
"status": "affected",
"version": "3.10.2"
},
{
"status": "affected",
"version": "3.10.3"
},
{
"status": "affected",
"version": "3.10"
},
{
"status": "affected",
"version": "3.10.1"
},
{
"status": "affected",
"version": "3.7.1 Update 03"
},
{
"status": "affected",
"version": "3.7.1 Update 04"
},
{
"status": "affected",
"version": "3.7.1 Update 06"
},
{
"status": "affected",
"version": "3.7.1 Update 07"
},
{
"status": "affected",
"version": "3.8.1 Update 01"
},
{
"status": "affected",
"version": "3.8.1 Update 02"
},
{
"status": "affected",
"version": "3.8.1 Update 03"
},
{
"status": "affected",
"version": "3.8.1 Update 04"
},
{
"status": "affected",
"version": "3.4.2 Update 01"
},
{
"status": "affected",
"version": "3.6.0 Update 04"
},
{
"status": "affected",
"version": "3.6.0 Update 02"
},
{
"status": "affected",
"version": "3.6.0 Update 03"
},
{
"status": "affected",
"version": "3.6.0 Update 01"
},
{
"status": "affected",
"version": "3.5.1 Update 03"
},
{
"status": "affected",
"version": "3.5.1 Update 01"
},
{
"status": "affected",
"version": "3.5.1 Update 02"
},
{
"status": "affected",
"version": "3.7.0 Update 03"
},
{
"status": "affected",
"version": "3.8.0 Update 01"
},
{
"status": "affected",
"version": "3.8.0 Update 02"
},
{
"status": "affected",
"version": "3.7.1 Update 01"
},
{
"status": "affected",
"version": "3.7.1 Update 02"
},
{
"status": "affected",
"version": "3.7.1 Update 05"
},
{
"status": "affected",
"version": "3.3.0 Update 01"
},
{
"status": "affected",
"version": "3.4.1 Update 02"
},
{
"status": "affected",
"version": "3.4.1 Update 01"
},
{
"status": "affected",
"version": "3.5.0 Update 03"
},
{
"status": "affected",
"version": "3.5.0 Update 01"
},
{
"status": "affected",
"version": "3.5.0 Update 02"
},
{
"status": "affected",
"version": "3.10.4"
},
{
"status": "affected",
"version": "3.10.4 Update 01"
},
{
"status": "affected",
"version": "3.10.4 Update 02"
},
{
"status": "affected",
"version": "3.10.4 Update 03"
},
{
"status": "affected",
"version": "3.10.5"
},
{
"status": "affected",
"version": "3.10.6"
},
{
"status": "affected",
"version": "3.10.6 Update 01"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco Evolved Programmable Network Manager (EPNM) and Cisco Prime Infrastructure could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against users of the interface of an affected system.\r\n\r\nThis vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attacker could exploit this vulnerability by inserting malicious code into specific data fields in the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. To exploit this vulnerability, an attacker must have valid administrative credentials."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-03T17:40:21.391Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-epnm-pi-stored-xss-XjQZsyCP",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-epnm-pi-stored-xss-XjQZsyCP"
}
],
"source": {
"advisory": "cisco-sa-epnm-pi-stored-xss-XjQZsyCP",
"defects": [
"CSCwn55544"
],
"discovery": "EXTERNAL"
},
"title": "Cisco Evolved Programmable Network Manager and Cisco Prime Infrastructure Stored Cross-Site Scripting Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2025-20280",
"datePublished": "2025-09-03T17:40:21.391Z",
"dateReserved": "2024-10-10T19:15:13.247Z",
"dateUpdated": "2025-09-03T17:58:33.904Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-20287 (GCVE-0-2025-20287)
Vulnerability from cvelistv5 – Published: 2025-09-03 17:40 – Updated: 2025-09-05 17:07
VLAI?
Summary
A vulnerability in the web-based management interface of Cisco Evolved Programmable Network Manager (EPNM) could allow an authenticated, remote attacker to upload arbitrary files to an affected device.
This vulnerability is due to improper validation of files that are uploaded to the web-based management interface. An attacker could exploit this vulnerability by sending a crafted file upload request to a specific API endpoint. A successful exploit could allow the attacker to upload arbitrary files to an affected system. To exploit this vulnerability, an attacker must have at least valid Config Managers credentials on the affected device.
Severity ?
4.3 (Medium)
CWE
- CWE-434 - Unrestricted Upload of File with Dangerous Type
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Evolved Programmable Network Manager (EPNM) |
Affected:
7.0.0
Affected: 7.1.1 Affected: 7.1.2.1 Affected: 7.0.1.3 Affected: 7.1.3 Affected: 7.1.2 Affected: 7.0.1.2 Affected: 7.0.1.1 Affected: 7.0.1 Affected: 7.1.0 Affected: 8.0.0 Affected: 8.0.0.1 Affected: 7.1.3.1 Affected: 7.1.4 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-20287",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-03T17:58:59.228377Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-05T17:07:19.404Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco Evolved Programmable Network Manager (EPNM)",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "7.0.0"
},
{
"status": "affected",
"version": "7.1.1"
},
{
"status": "affected",
"version": "7.1.2.1"
},
{
"status": "affected",
"version": "7.0.1.3"
},
{
"status": "affected",
"version": "7.1.3"
},
{
"status": "affected",
"version": "7.1.2"
},
{
"status": "affected",
"version": "7.0.1.2"
},
{
"status": "affected",
"version": "7.0.1.1"
},
{
"status": "affected",
"version": "7.0.1"
},
{
"status": "affected",
"version": "7.1.0"
},
{
"status": "affected",
"version": "8.0.0"
},
{
"status": "affected",
"version": "8.0.0.1"
},
{
"status": "affected",
"version": "7.1.3.1"
},
{
"status": "affected",
"version": "7.1.4"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco Evolved Programmable Network Manager (EPNM) could allow an authenticated, remote attacker to upload arbitrary files to an affected device.\r\n\r\nThis vulnerability is due to improper validation of files that are uploaded to the web-based management interface. An attacker could exploit this vulnerability by sending a crafted file upload request to a specific API endpoint. A successful exploit could allow the attacker to upload arbitrary files to an affected system. To exploit this vulnerability, an attacker must have at least valid Config Managers credentials on the affected device."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-434",
"description": "Unrestricted Upload of File with Dangerous Type",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-03T17:40:06.650Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-epni-arb-file-upload-jjdM2P83",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-epni-arb-file-upload-jjdM2P83"
}
],
"source": {
"advisory": "cisco-sa-epni-arb-file-upload-jjdM2P83",
"defects": [
"CSCwn55548"
],
"discovery": "EXTERNAL"
},
"title": "Cisco Evolved Programmable Network Manager Arbitrary File Upload Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2025-20287",
"datePublished": "2025-09-03T17:40:06.650Z",
"dateReserved": "2024-10-10T19:15:13.251Z",
"dateUpdated": "2025-09-05T17:07:19.404Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-20270 (GCVE-0-2025-20270)
Vulnerability from cvelistv5 – Published: 2025-09-03 17:39 – Updated: 2025-09-05 17:05
VLAI?
Summary
A vulnerability in the web-based management interface of Cisco Evolved Programmable Network Manager (EPNM) and Cisco Prime Infrastructure could allow an authenticated, remote attacker to obtain sensitive information from an affected system.
This vulnerability is due to improper validation of requests to API endpoints. An attacker could exploit this vulnerability by sending a valid request to a specific API endpoint within the affected system. A successful exploit could allow a low-privileged user to view sensitive configuration information on the affected system that should be restricted. To exploit this vulnerability, an attacker must have access as a low-privileged user.
Severity ?
4.3 (Medium)
CWE
- CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Cisco | Cisco Evolved Programmable Network Manager (EPNM) |
Affected:
7.0.0
Affected: 7.1.1 Affected: 7.1.2.1 Affected: 7.0.1.3 Affected: 7.1.3 Affected: 7.1.2 Affected: 7.0.1.2 Affected: 7.0.1.1 Affected: 7.0.1 Affected: 7.1.0 |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-20270",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-03T17:59:26.779785Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-05T17:05:56.337Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco Evolved Programmable Network Manager (EPNM)",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "7.0.0"
},
{
"status": "affected",
"version": "7.1.1"
},
{
"status": "affected",
"version": "7.1.2.1"
},
{
"status": "affected",
"version": "7.0.1.3"
},
{
"status": "affected",
"version": "7.1.3"
},
{
"status": "affected",
"version": "7.1.2"
},
{
"status": "affected",
"version": "7.0.1.2"
},
{
"status": "affected",
"version": "7.0.1.1"
},
{
"status": "affected",
"version": "7.0.1"
},
{
"status": "affected",
"version": "7.1.0"
}
]
},
{
"defaultStatus": "unknown",
"product": "Cisco Prime Infrastructure",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "3.9.0"
},
{
"status": "affected",
"version": "3.10.0"
},
{
"status": "affected",
"version": "3.9.1"
},
{
"status": "affected",
"version": "3.10.2"
},
{
"status": "affected",
"version": "3.10.3"
},
{
"status": "affected",
"version": "3.10"
},
{
"status": "affected",
"version": "3.10.1"
},
{
"status": "affected",
"version": "3.9.1 Update 01"
},
{
"status": "affected",
"version": "3.9.1 Update 02"
},
{
"status": "affected",
"version": "3.9.1 Update 03"
},
{
"status": "affected",
"version": "3.9.1 Update 04"
},
{
"status": "affected",
"version": "3.9.0 Update 01"
},
{
"status": "affected",
"version": "3.10.4"
},
{
"status": "affected",
"version": "3.10.4 Update 01"
},
{
"status": "affected",
"version": "3.10.4 Update 02"
},
{
"status": "affected",
"version": "3.10.4 Update 03"
},
{
"status": "affected",
"version": "3.10.5"
},
{
"status": "affected",
"version": "3.10.6"
},
{
"status": "affected",
"version": "3.10.6 Update 01"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco Evolved Programmable Network Manager (EPNM) and Cisco Prime Infrastructure could allow an authenticated, remote attacker to obtain sensitive information from an affected system.\r\n\r\nThis vulnerability is due to improper validation of requests to API endpoints. An attacker could exploit this vulnerability by sending a valid request to a specific API endpoint within the affected system. A successful exploit could allow a low-privileged user to view sensitive configuration information on the affected system that should be restricted. To exploit this vulnerability, an attacker must have access as a low-privileged user.\u0026nbsp;\u0026nbsp;"
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-03T17:39:46.331Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-epnm-info-dis-zhPPMfgz",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-epnm-info-dis-zhPPMfgz"
}
],
"source": {
"advisory": "cisco-sa-epnm-info-dis-zhPPMfgz",
"defects": [
"CSCwn55506"
],
"discovery": "EXTERNAL"
},
"title": "Cisco Evolved Programmable Network Manager Information Disclosure Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2025-20270",
"datePublished": "2025-09-03T17:39:46.331Z",
"dateReserved": "2024-10-10T19:15:13.245Z",
"dateUpdated": "2025-09-05T17:05:56.337Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-20269 (GCVE-0-2025-20269)
Vulnerability from cvelistv5 – Published: 2025-08-20 16:26 – Updated: 2025-08-20 18:42
VLAI?
Summary
A vulnerability in the web-based management interface of Cisco Evolved Programmable Network Manager (EPNM) and Cisco Prime Infrastructure could allow an authenticated, low-privileged, remote attacker to retrieve arbitrary files from the underlying file system on an affected device.
This vulnerability is due to insufficient input validation for specific HTTP requests. An attacker could exploit this vulnerability by sending crafted HTTP requests to the web-based management interface on an affected device. A successful exploit could allow the attacker to access sensitive files from the affected device.
Severity ?
6.5 (Medium)
CWE
- CWE-73 - External Control of File Name or Path
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Cisco | Cisco Evolved Programmable Network Manager (EPNM) |
Affected:
7.0.0
Affected: 7.1.1 Affected: 7.1.2.1 Affected: 7.1.3 Affected: 7.1.2 Affected: 7.0.1.2 Affected: 7.0.1.1 Affected: 7.0.1 Affected: 7.1.0 Affected: 8.0.0 Affected: 8.0.0.1 Affected: 8.1.0 Affected: 8.0.1 |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-20269",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-08-20T18:42:00.712097Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-08-20T18:42:17.278Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco Evolved Programmable Network Manager (EPNM)",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "7.0.0"
},
{
"status": "affected",
"version": "7.1.1"
},
{
"status": "affected",
"version": "7.1.2.1"
},
{
"status": "affected",
"version": "7.1.3"
},
{
"status": "affected",
"version": "7.1.2"
},
{
"status": "affected",
"version": "7.0.1.2"
},
{
"status": "affected",
"version": "7.0.1.1"
},
{
"status": "affected",
"version": "7.0.1"
},
{
"status": "affected",
"version": "7.1.0"
},
{
"status": "affected",
"version": "8.0.0"
},
{
"status": "affected",
"version": "8.0.0.1"
},
{
"status": "affected",
"version": "8.1.0"
},
{
"status": "affected",
"version": "8.0.1"
}
]
},
{
"defaultStatus": "unknown",
"product": "Cisco Prime Infrastructure",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "3.10.0"
},
{
"status": "affected",
"version": "3.10.2"
},
{
"status": "affected",
"version": "3.10.3"
},
{
"status": "affected",
"version": "3.10"
},
{
"status": "affected",
"version": "3.10.1"
},
{
"status": "affected",
"version": "3.10 Update 01"
},
{
"status": "affected",
"version": "3.10.4"
},
{
"status": "affected",
"version": "3.10.4 Update 01"
},
{
"status": "affected",
"version": "3.10.4 Update 02"
},
{
"status": "affected",
"version": "3.10.4 Update 03"
},
{
"status": "affected",
"version": "3.10.5"
},
{
"status": "affected",
"version": "3.10.6"
},
{
"status": "affected",
"version": "3.10.6 Update 01"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco Evolved Programmable Network Manager (EPNM) and Cisco Prime Infrastructure could allow an authenticated, low-privileged, remote attacker to retrieve arbitrary files from the underlying file system on an affected device.\r\n\r\nThis vulnerability is due to insufficient input validation for specific HTTP requests. An attacker could exploit this vulnerability by sending crafted HTTP requests to the web-based management interface on an affected device. A successful exploit could allow the attacker to access\u0026nbsp;sensitive files from the affected device."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-73",
"description": "External Control of File Name or Path",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-20T16:26:23.064Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-pi-epnm-TET4GxBX",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-pi-epnm-TET4GxBX"
},
{
"name": "CSCvd36820",
"url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvd36820"
},
{
"name": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-smi2",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-smi2"
},
{
"name": "Cisco\u0026nbsp;Event Response: March 2018 Semiannual Cisco\u0026nbsp;IOS and IOS XE Software Security Advisory Bundled Publication",
"url": "https://sec.cloudapps.cisco.com/security/center/viewErp.x?alertId=ERP-66682"
}
],
"source": {
"advisory": "cisco-sa-pi-epnm-TET4GxBX",
"defects": [
"CSCwn55539"
],
"discovery": "EXTERNAL"
},
"title": "Cisco Evolved Programmable Network Manager and Prime Infrastructure Arbitrary File Download Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2025-20269",
"datePublished": "2025-08-20T16:26:23.064Z",
"dateReserved": "2024-10-10T19:15:13.245Z",
"dateUpdated": "2025-08-20T18:42:17.278Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-20272 (GCVE-0-2025-20272)
Vulnerability from cvelistv5 – Published: 2025-07-16 16:16 – Updated: 2025-07-18 14:30
VLAI?
Summary
A vulnerability in a subset of REST APIs of Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager (EPNM) could allow an authenticated, low-privileged, remote attacker to conduct a blind SQL injection attack.
This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending a crafted request to an affected API. A successful exploit could allow the attacker to view data in some database tables on an affected device.
Severity ?
4.3 (Medium)
CWE
- CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Cisco | Cisco Evolved Programmable Network Manager (EPNM) |
Affected:
3.0.1
Affected: 3.1.2 Affected: 1.2 Affected: 3.1.1 Affected: 3.1.3 Affected: 3.1 Affected: 3.0.3 Affected: 3.0.2 Affected: 3.0 Affected: 2.2 Affected: 1.1 Affected: 2.1 Affected: 2.0 Affected: 4.1 Affected: 4.1.1 Affected: 4.0.3 Affected: 4.0.1 Affected: 4.0.2 Affected: 4.0 Affected: 5.0 Affected: 5.0.1 Affected: 5.1.1 Affected: 5.1 Affected: 5.0.2 Affected: 5.1.2 Affected: 5.1.3 Affected: 5.1.4 Affected: 6.1.1 Affected: 6.1 Affected: 6.0.0 Affected: 6.0.1 Affected: 6.0.2 Affected: 7.0.0 Affected: 1.2.5 Affected: 1.2.6 Affected: 2.0.1 Affected: 1.2.2 Affected: 1.2.3 Affected: 1.2.4 Affected: 1.2.7 Affected: 1.2.1.2 Affected: 2.2.1 Affected: 2.1.3 Affected: 2.0.2 Affected: 2.0.3 Affected: 2.1.2 Affected: 2.0.4 Affected: 2.1.1 Affected: 5.0.2.5 Affected: 5.1.4.3 Affected: 6.0.2.1 Affected: 6.1.1.1 Affected: 5.0.2.1 Affected: 5.0.2.2 Affected: 5.0.2.3 Affected: 5.0.2.4 Affected: 5.1.4.1 Affected: 5.1.4.2 Affected: 2.1.4 Affected: 2.2.4 Affected: 2.2.3 Affected: 2.2.5 Affected: 5.1.3.2 Affected: 5.1.3.1 Affected: 6.0.1.1 Affected: 4.1.1.2 Affected: 4.1.1.1 Affected: 4.0.3.1 Affected: 2.0.1.1 Affected: 2.1.1.3 Affected: 2.1.1.1 Affected: 2.1.1.4 Affected: 2.0.4.2 Affected: 2.0.4.1 Affected: 2.1.2.2 Affected: 2.1.2.3 Affected: 2.0.2.1 Affected: 2.1.3.4 Affected: 2.1.3.3 Affected: 2.1.3.2 Affected: 2.1.3.5 Affected: 2.2.1.2 Affected: 2.2.1.1 Affected: 2.2.1.4 Affected: 2.2.1.3 Affected: 1.2.4.2 Affected: 1.2.2.4 Affected: 6.0.3 Affected: 5.1.4.4 Affected: 5.0.2.6 Affected: 6.0.3.1 Affected: 6.1.2 Affected: 6.1.1.2.2 Affected: 6.1.2.1 Affected: 6.1.2.2 Affected: 7.1.1 Affected: 7.1.2.1 Affected: 7.0.1.3 Affected: 7.1.3 Affected: 7.1.2 Affected: 7.0.1.2 Affected: 7.0.1.1 Affected: 7.0.1 Affected: 7.1.0 Affected: 8.0.0 Affected: 6.1.2.3 Affected: 8.0.0.1 Affected: 7.1.3.1 Affected: 7.1.4 Affected: 8.1.0 |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-20272",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-18T14:30:45.473947Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-18T14:30:51.552Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco Evolved Programmable Network Manager (EPNM)",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "3.0.1"
},
{
"status": "affected",
"version": "3.1.2"
},
{
"status": "affected",
"version": "1.2"
},
{
"status": "affected",
"version": "3.1.1"
},
{
"status": "affected",
"version": "3.1.3"
},
{
"status": "affected",
"version": "3.1"
},
{
"status": "affected",
"version": "3.0.3"
},
{
"status": "affected",
"version": "3.0.2"
},
{
"status": "affected",
"version": "3.0"
},
{
"status": "affected",
"version": "2.2"
},
{
"status": "affected",
"version": "1.1"
},
{
"status": "affected",
"version": "2.1"
},
{
"status": "affected",
"version": "2.0"
},
{
"status": "affected",
"version": "4.1"
},
{
"status": "affected",
"version": "4.1.1"
},
{
"status": "affected",
"version": "4.0.3"
},
{
"status": "affected",
"version": "4.0.1"
},
{
"status": "affected",
"version": "4.0.2"
},
{
"status": "affected",
"version": "4.0"
},
{
"status": "affected",
"version": "5.0"
},
{
"status": "affected",
"version": "5.0.1"
},
{
"status": "affected",
"version": "5.1.1"
},
{
"status": "affected",
"version": "5.1"
},
{
"status": "affected",
"version": "5.0.2"
},
{
"status": "affected",
"version": "5.1.2"
},
{
"status": "affected",
"version": "5.1.3"
},
{
"status": "affected",
"version": "5.1.4"
},
{
"status": "affected",
"version": "6.1.1"
},
{
"status": "affected",
"version": "6.1"
},
{
"status": "affected",
"version": "6.0.0"
},
{
"status": "affected",
"version": "6.0.1"
},
{
"status": "affected",
"version": "6.0.2"
},
{
"status": "affected",
"version": "7.0.0"
},
{
"status": "affected",
"version": "1.2.5"
},
{
"status": "affected",
"version": "1.2.6"
},
{
"status": "affected",
"version": "2.0.1"
},
{
"status": "affected",
"version": "1.2.2"
},
{
"status": "affected",
"version": "1.2.3"
},
{
"status": "affected",
"version": "1.2.4"
},
{
"status": "affected",
"version": "1.2.7"
},
{
"status": "affected",
"version": "1.2.1.2"
},
{
"status": "affected",
"version": "2.2.1"
},
{
"status": "affected",
"version": "2.1.3"
},
{
"status": "affected",
"version": "2.0.2"
},
{
"status": "affected",
"version": "2.0.3"
},
{
"status": "affected",
"version": "2.1.2"
},
{
"status": "affected",
"version": "2.0.4"
},
{
"status": "affected",
"version": "2.1.1"
},
{
"status": "affected",
"version": "5.0.2.5"
},
{
"status": "affected",
"version": "5.1.4.3"
},
{
"status": "affected",
"version": "6.0.2.1"
},
{
"status": "affected",
"version": "6.1.1.1"
},
{
"status": "affected",
"version": "5.0.2.1"
},
{
"status": "affected",
"version": "5.0.2.2"
},
{
"status": "affected",
"version": "5.0.2.3"
},
{
"status": "affected",
"version": "5.0.2.4"
},
{
"status": "affected",
"version": "5.1.4.1"
},
{
"status": "affected",
"version": "5.1.4.2"
},
{
"status": "affected",
"version": "2.1.4"
},
{
"status": "affected",
"version": "2.2.4"
},
{
"status": "affected",
"version": "2.2.3"
},
{
"status": "affected",
"version": "2.2.5"
},
{
"status": "affected",
"version": "5.1.3.2"
},
{
"status": "affected",
"version": "5.1.3.1"
},
{
"status": "affected",
"version": "6.0.1.1"
},
{
"status": "affected",
"version": "4.1.1.2"
},
{
"status": "affected",
"version": "4.1.1.1"
},
{
"status": "affected",
"version": "4.0.3.1"
},
{
"status": "affected",
"version": "2.0.1.1"
},
{
"status": "affected",
"version": "2.1.1.3"
},
{
"status": "affected",
"version": "2.1.1.1"
},
{
"status": "affected",
"version": "2.1.1.4"
},
{
"status": "affected",
"version": "2.0.4.2"
},
{
"status": "affected",
"version": "2.0.4.1"
},
{
"status": "affected",
"version": "2.1.2.2"
},
{
"status": "affected",
"version": "2.1.2.3"
},
{
"status": "affected",
"version": "2.0.2.1"
},
{
"status": "affected",
"version": "2.1.3.4"
},
{
"status": "affected",
"version": "2.1.3.3"
},
{
"status": "affected",
"version": "2.1.3.2"
},
{
"status": "affected",
"version": "2.1.3.5"
},
{
"status": "affected",
"version": "2.2.1.2"
},
{
"status": "affected",
"version": "2.2.1.1"
},
{
"status": "affected",
"version": "2.2.1.4"
},
{
"status": "affected",
"version": "2.2.1.3"
},
{
"status": "affected",
"version": "1.2.4.2"
},
{
"status": "affected",
"version": "1.2.2.4"
},
{
"status": "affected",
"version": "6.0.3"
},
{
"status": "affected",
"version": "5.1.4.4"
},
{
"status": "affected",
"version": "5.0.2.6"
},
{
"status": "affected",
"version": "6.0.3.1"
},
{
"status": "affected",
"version": "6.1.2"
},
{
"status": "affected",
"version": "6.1.1.2.2"
},
{
"status": "affected",
"version": "6.1.2.1"
},
{
"status": "affected",
"version": "6.1.2.2"
},
{
"status": "affected",
"version": "7.1.1"
},
{
"status": "affected",
"version": "7.1.2.1"
},
{
"status": "affected",
"version": "7.0.1.3"
},
{
"status": "affected",
"version": "7.1.3"
},
{
"status": "affected",
"version": "7.1.2"
},
{
"status": "affected",
"version": "7.0.1.2"
},
{
"status": "affected",
"version": "7.0.1.1"
},
{
"status": "affected",
"version": "7.0.1"
},
{
"status": "affected",
"version": "7.1.0"
},
{
"status": "affected",
"version": "8.0.0"
},
{
"status": "affected",
"version": "6.1.2.3"
},
{
"status": "affected",
"version": "8.0.0.1"
},
{
"status": "affected",
"version": "7.1.3.1"
},
{
"status": "affected",
"version": "7.1.4"
},
{
"status": "affected",
"version": "8.1.0"
}
]
},
{
"defaultStatus": "unknown",
"product": "Cisco Prime Infrastructure",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "3.0.0"
},
{
"status": "affected",
"version": "3.1.0"
},
{
"status": "affected",
"version": "3.1.5"
},
{
"status": "affected",
"version": "2.1"
},
{
"status": "affected",
"version": "2.0.0"
},
{
"status": "affected",
"version": "3.6.0"
},
{
"status": "affected",
"version": "3.7.0"
},
{
"status": "affected",
"version": "3.4.0"
},
{
"status": "affected",
"version": "3.3.0"
},
{
"status": "affected",
"version": "3.2"
},
{
"status": "affected",
"version": "3.5.0"
},
{
"status": "affected",
"version": "3.2.0-FIPS"
},
{
"status": "affected",
"version": "2.2"
},
{
"status": "affected",
"version": "3.8.0-FED"
},
{
"status": "affected",
"version": "3.9.0"
},
{
"status": "affected",
"version": "3.8.0"
},
{
"status": "affected",
"version": "3.10.0"
},
{
"status": "affected",
"version": "3.1.1"
},
{
"status": "affected",
"version": "2.1.2"
},
{
"status": "affected",
"version": "2.2.1"
},
{
"status": "affected",
"version": "2.2.0"
},
{
"status": "affected",
"version": "3.0.2"
},
{
"status": "affected",
"version": "3.0.3"
},
{
"status": "affected",
"version": "3.0.1"
},
{
"status": "affected",
"version": "2.2.2"
},
{
"status": "affected",
"version": "2.2.3"
},
{
"status": "affected",
"version": "2.1.0"
},
{
"status": "affected",
"version": "2.1.1"
},
{
"status": "affected",
"version": "3.9.1"
},
{
"status": "affected",
"version": "2.0.10"
},
{
"status": "affected",
"version": "3.8.1"
},
{
"status": "affected",
"version": "3.7.1"
},
{
"status": "affected",
"version": "3.5.1"
},
{
"status": "affected",
"version": "3.4.2"
},
{
"status": "affected",
"version": "3.3.1"
},
{
"status": "affected",
"version": "3.1.7"
},
{
"status": "affected",
"version": "3.2.1"
},
{
"status": "affected",
"version": "3.2.2"
},
{
"status": "affected",
"version": "3.1.6"
},
{
"status": "affected",
"version": "3.1.2"
},
{
"status": "affected",
"version": "3.4.1"
},
{
"status": "affected",
"version": "3.1.3"
},
{
"status": "affected",
"version": "3.1.4"
},
{
"status": "affected",
"version": "3.0.6"
},
{
"status": "affected",
"version": "2.2.10"
},
{
"status": "affected",
"version": "3.0.4"
},
{
"status": "affected",
"version": "3.0.5"
},
{
"status": "affected",
"version": "2.1.56"
},
{
"status": "affected",
"version": "2.2.4"
},
{
"status": "affected",
"version": "2.2.9"
},
{
"status": "affected",
"version": "2.2.8"
},
{
"status": "affected",
"version": "2.2.5"
},
{
"status": "affected",
"version": "2.2.7"
},
{
"status": "affected",
"version": "2.0.39"
},
{
"status": "affected",
"version": "3.8_DP1"
},
{
"status": "affected",
"version": "3.9_DP1"
},
{
"status": "affected",
"version": "3.7_DP2"
},
{
"status": "affected",
"version": "3.6_DP1"
},
{
"status": "affected",
"version": "3.5_DP4"
},
{
"status": "affected",
"version": "3.5_DP2"
},
{
"status": "affected",
"version": "3.4_DP10"
},
{
"status": "affected",
"version": "3.7_DP1"
},
{
"status": "affected",
"version": "3.5_DP3"
},
{
"status": "affected",
"version": "3.4_DP11"
},
{
"status": "affected",
"version": "3.5_DP1"
},
{
"status": "affected",
"version": "3.4_DP8"
},
{
"status": "affected",
"version": "3.4_DP1"
},
{
"status": "affected",
"version": "3.4_DP3"
},
{
"status": "affected",
"version": "3.4_DP5"
},
{
"status": "affected",
"version": "3.4_DP2"
},
{
"status": "affected",
"version": "3.4_DP7"
},
{
"status": "affected",
"version": "3.4_DP6"
},
{
"status": "affected",
"version": "3.3_DP4"
},
{
"status": "affected",
"version": "3.4_DP4"
},
{
"status": "affected",
"version": "3.4_DP9"
},
{
"status": "affected",
"version": "3.1_DP16"
},
{
"status": "affected",
"version": "3.3_DP2"
},
{
"status": "affected",
"version": "3.3_DP3"
},
{
"status": "affected",
"version": "3.1_DP15"
},
{
"status": "affected",
"version": "3.3_DP1"
},
{
"status": "affected",
"version": "3.1_DP13"
},
{
"status": "affected",
"version": "3.2_DP2"
},
{
"status": "affected",
"version": "3.2_DP1"
},
{
"status": "affected",
"version": "3.2_DP3"
},
{
"status": "affected",
"version": "3.1_DP14"
},
{
"status": "affected",
"version": "3.2_DP4"
},
{
"status": "affected",
"version": "3.1_DP7"
},
{
"status": "affected",
"version": "3.1_DP10"
},
{
"status": "affected",
"version": "3.1_DP11"
},
{
"status": "affected",
"version": "3.1_DP4"
},
{
"status": "affected",
"version": "3.1_DP6"
},
{
"status": "affected",
"version": "3.1_DP12"
},
{
"status": "affected",
"version": "3.1_DP5"
},
{
"status": "affected",
"version": "3.0.7"
},
{
"status": "affected",
"version": "3.1_DP9"
},
{
"status": "affected",
"version": "3.1_DP8"
},
{
"status": "affected",
"version": "3.10_DP1"
},
{
"status": "affected",
"version": "3.10.2"
},
{
"status": "affected",
"version": "3.10.3"
},
{
"status": "affected",
"version": "3.10"
},
{
"status": "affected",
"version": "3.10.1"
},
{
"status": "affected",
"version": "3.7.1 Update 03"
},
{
"status": "affected",
"version": "3.7.1 Update 04"
},
{
"status": "affected",
"version": "3.7.1 Update 06"
},
{
"status": "affected",
"version": "3.7.1 Update 07"
},
{
"status": "affected",
"version": "3.8.1 Update 01"
},
{
"status": "affected",
"version": "3.8.1 Update 02"
},
{
"status": "affected",
"version": "3.8.1 Update 03"
},
{
"status": "affected",
"version": "3.8.1 Update 04"
},
{
"status": "affected",
"version": "3.9.1 Update 01"
},
{
"status": "affected",
"version": "3.9.1 Update 02"
},
{
"status": "affected",
"version": "3.9.1 Update 03"
},
{
"status": "affected",
"version": "3.9.1 Update 04"
},
{
"status": "affected",
"version": "3.10 Update 01"
},
{
"status": "affected",
"version": "3.4.2 Update 01"
},
{
"status": "affected",
"version": "3.6.0 Update 04"
},
{
"status": "affected",
"version": "3.6.0 Update 02"
},
{
"status": "affected",
"version": "3.6.0 Update 03"
},
{
"status": "affected",
"version": "3.6.0 Update 01"
},
{
"status": "affected",
"version": "3.5.1 Update 03"
},
{
"status": "affected",
"version": "3.5.1 Update 01"
},
{
"status": "affected",
"version": "3.5.1 Update 02"
},
{
"status": "affected",
"version": "3.7.0 Update 03"
},
{
"status": "affected",
"version": "2.2.3 Update 05"
},
{
"status": "affected",
"version": "2.2.3 Update 04"
},
{
"status": "affected",
"version": "2.2.3 Update 06"
},
{
"status": "affected",
"version": "2.2.3 Update 03"
},
{
"status": "affected",
"version": "2.2.3 Update 02"
},
{
"status": "affected",
"version": "2.2.1 Update 01"
},
{
"status": "affected",
"version": "2.2.2 Update 03"
},
{
"status": "affected",
"version": "2.2.2 Update 04"
},
{
"status": "affected",
"version": "3.8.0 Update 01"
},
{
"status": "affected",
"version": "3.8.0 Update 02"
},
{
"status": "affected",
"version": "3.7.1 Update 01"
},
{
"status": "affected",
"version": "3.7.1 Update 02"
},
{
"status": "affected",
"version": "3.7.1 Update 05"
},
{
"status": "affected",
"version": "3.9.0 Update 01"
},
{
"status": "affected",
"version": "3.3.0 Update 01"
},
{
"status": "affected",
"version": "3.4.1 Update 02"
},
{
"status": "affected",
"version": "3.4.1 Update 01"
},
{
"status": "affected",
"version": "3.5.0 Update 03"
},
{
"status": "affected",
"version": "3.5.0 Update 01"
},
{
"status": "affected",
"version": "3.5.0 Update 02"
},
{
"status": "affected",
"version": "3.10.4"
},
{
"status": "affected",
"version": "3.10.4 Update 01"
},
{
"status": "affected",
"version": "3.10.4 Update 02"
},
{
"status": "affected",
"version": "3.10.4 Update 03"
},
{
"status": "affected",
"version": "3.10.5"
},
{
"status": "affected",
"version": "3.10.6"
},
{
"status": "affected",
"version": "3.10.6 Update 01"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in a subset of REST APIs of Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager (EPNM) could allow an authenticated, low-privileged, remote attacker to conduct a blind SQL injection attack.\r\n\r\nThis vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending a crafted request to an affected API. A successful exploit could allow the attacker to view data in some database tables on an affected device."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-89",
"description": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-16T16:16:28.878Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-piepnm-bsi-25JJqsbb",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-piepnm-bsi-25JJqsbb"
}
],
"source": {
"advisory": "cisco-sa-piepnm-bsi-25JJqsbb",
"defects": [
"CSCwo76427"
],
"discovery": "EXTERNAL"
},
"title": "Cisco Evolved Programmable Network Manager and Cisco Prime Infrastructure Blind SQL Injection Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2025-20272",
"datePublished": "2025-07-16T16:16:28.878Z",
"dateReserved": "2024-10-10T19:15:13.245Z",
"dateUpdated": "2025-07-18T14:30:51.552Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-20203 (GCVE-0-2025-20203)
Vulnerability from cvelistv5 – Published: 2025-04-02 16:17 – Updated: 2025-04-02 16:32
VLAI?
Summary
A vulnerability in the web-based management interface of Cisco Evolved Programmable Network Manager (EPNM) and Cisco Prime Infrastructure could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against users of the interface of an affected system.
The vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attacker could exploit this vulnerability by inserting malicious code into specific data fields in the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. To exploit this vulnerability, the attacker must have valid administrative credentials.
{{value}} ["%7b%7bvalue%7d%7d"])}]]
Severity ?
4.8 (Medium)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Cisco | Cisco Prime Infrastructure |
Affected:
2.0.0
Affected: 2.0.10 Affected: 2.0.39 Affected: 2.1.0 Affected: 2.1.1 Affected: 2.1.2 Affected: 2.1.56 Affected: 2.2.0 Affected: 2.2.1 Affected: 2.2.2 Affected: 2.2.3 Affected: 2.2.10 Affected: 2.2.8 Affected: 2.2.4 Affected: 2.2.7 Affected: 2.2.5 Affected: 2.2.9 Affected: 2.2.1 Update 01 Affected: 2.2.2 Update 03 Affected: 2.2.2 Update 04 Affected: 2.2.3 Update 02 Affected: 2.2.3 Update 03 Affected: 2.2.3 Update 04 Affected: 2.2.3 Update 05 Affected: 2.2.3 Update 06 Affected: 3.0.0 Affected: 3.0.1 Affected: 3.0.2 Affected: 3.0.3 Affected: 3.0.4 Affected: 3.0.6 Affected: 3.0.5 Affected: 3.0.7 Affected: 3.1.0 Affected: 3.1.1 Affected: 3.1.7 Affected: 3.1.5 Affected: 3.1.2 Affected: 3.1.3 Affected: 3.1.4 Affected: 3.1.6 Affected: 3.2.2 Affected: 3.2.0-FIPS Affected: 3.2.1 Affected: 3.3.0 Affected: 3.3.1 Affected: 3.3.0 Update 01 Affected: 3.4.0 Affected: 3.4.1 Affected: 3.4.2 Affected: 3.4.1 Update 01 Affected: 3.4.1 Update 02 Affected: 3.4.2 Update 01 Affected: 3.5.0 Affected: 3.5.1 Affected: 3.5.0 Update 01 Affected: 3.5.0 Update 02 Affected: 3.5.0 Update 03 Affected: 3.5.1 Update 01 Affected: 3.5.1 Update 02 Affected: 3.5.1 Update 03 Affected: 3.6.0 Affected: 3.6.0 Update 01 Affected: 3.6.0 Update 02 Affected: 3.6.0 Update 03 Affected: 3.6.0 Update 04 Affected: 2.1 Affected: 2.2 Affected: 3.2 Affected: 3.4_DP1 Affected: 3.4_DP3 Affected: 3.4_DP2 Affected: 3.5_DP1 Affected: 3.4_DP7 Affected: 3.4_DP10 Affected: 3.4_DP5 Affected: 3.1_DP15 Affected: 3.4_DP11 Affected: 3.4_DP8 Affected: 3.7_DP1 Affected: 3.3_DP4 Affected: 3.10_DP1 Affected: 3.8_DP1 Affected: 3.7_DP2 Affected: 3.6_DP1 Affected: 3.1_DP16 Affected: 3.5_DP4 Affected: 3.3_DP3 Affected: 3.2_DP2 Affected: 3.4_DP4 Affected: 3.1_DP14 Affected: 3.1_DP6 Affected: 3.1_DP9 Affected: 3.4_DP6 Affected: 3.2_DP3 Affected: 3.4_DP9 Affected: 3.3_DP2 Affected: 3.2_DP1 Affected: 3.1_DP10 Affected: 3.9_DP1 Affected: 3.3_DP1 Affected: 3.1_DP13 Affected: 3.5_DP2 Affected: 3.1_DP12 Affected: 3.1_DP4 Affected: 3.5_DP3 Affected: 3.1_DP8 Affected: 3.1_DP7 Affected: 3.2_DP4 Affected: 3.1_DP11 Affected: 3.1_DP5 Affected: 3.7.0 Affected: 3.7.1 Affected: 3.7.1 Update 04 Affected: 3.7.1 Update 06 Affected: 3.7.1 Update 07 Affected: 3.7.1 Update 03 Affected: 3.7.0 Update 03 Affected: 3.7.1 Update 01 Affected: 3.7.1 Update 02 Affected: 3.7.1 Update 05 Affected: 3.8.0 Affected: 3.8.1 Affected: 3.8.1 Update 02 Affected: 3.8.1 Update 04 Affected: 3.8.1 Update 01 Affected: 3.8.1 Update 03 Affected: 3.8.0 Update 01 Affected: 3.8.0 Update 02 Affected: 3.9.0 Affected: 3.9.1 Affected: 3.9.1 Update 02 Affected: 3.9.1 Update 03 Affected: 3.9.1 Update 01 Affected: 3.9.1 Update 04 Affected: 3.9.0 Update 01 Affected: 3.10.0 Affected: 3.10.3 Affected: 3.10.1 Affected: 3.10.2 Affected: 3.10 Update 01 Affected: 3.10.4 Affected: 3.10.4 Update 01 Affected: 3.10.4 Update 02 Affected: 3.10.4 Update 03 Affected: 3.10.5 Affected: 3.10.6 |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-20203",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-02T16:31:49.936743Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-02T16:32:01.718Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco Prime Infrastructure",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "2.0.0"
},
{
"status": "affected",
"version": "2.0.10"
},
{
"status": "affected",
"version": "2.0.39"
},
{
"status": "affected",
"version": "2.1.0"
},
{
"status": "affected",
"version": "2.1.1"
},
{
"status": "affected",
"version": "2.1.2"
},
{
"status": "affected",
"version": "2.1.56"
},
{
"status": "affected",
"version": "2.2.0"
},
{
"status": "affected",
"version": "2.2.1"
},
{
"status": "affected",
"version": "2.2.2"
},
{
"status": "affected",
"version": "2.2.3"
},
{
"status": "affected",
"version": "2.2.10"
},
{
"status": "affected",
"version": "2.2.8"
},
{
"status": "affected",
"version": "2.2.4"
},
{
"status": "affected",
"version": "2.2.7"
},
{
"status": "affected",
"version": "2.2.5"
},
{
"status": "affected",
"version": "2.2.9"
},
{
"status": "affected",
"version": "2.2.1 Update 01"
},
{
"status": "affected",
"version": "2.2.2 Update 03"
},
{
"status": "affected",
"version": "2.2.2 Update 04"
},
{
"status": "affected",
"version": "2.2.3 Update 02"
},
{
"status": "affected",
"version": "2.2.3 Update 03"
},
{
"status": "affected",
"version": "2.2.3 Update 04"
},
{
"status": "affected",
"version": "2.2.3 Update 05"
},
{
"status": "affected",
"version": "2.2.3 Update 06"
},
{
"status": "affected",
"version": "3.0.0"
},
{
"status": "affected",
"version": "3.0.1"
},
{
"status": "affected",
"version": "3.0.2"
},
{
"status": "affected",
"version": "3.0.3"
},
{
"status": "affected",
"version": "3.0.4"
},
{
"status": "affected",
"version": "3.0.6"
},
{
"status": "affected",
"version": "3.0.5"
},
{
"status": "affected",
"version": "3.0.7"
},
{
"status": "affected",
"version": "3.1.0"
},
{
"status": "affected",
"version": "3.1.1"
},
{
"status": "affected",
"version": "3.1.7"
},
{
"status": "affected",
"version": "3.1.5"
},
{
"status": "affected",
"version": "3.1.2"
},
{
"status": "affected",
"version": "3.1.3"
},
{
"status": "affected",
"version": "3.1.4"
},
{
"status": "affected",
"version": "3.1.6"
},
{
"status": "affected",
"version": "3.2.2"
},
{
"status": "affected",
"version": "3.2.0-FIPS"
},
{
"status": "affected",
"version": "3.2.1"
},
{
"status": "affected",
"version": "3.3.0"
},
{
"status": "affected",
"version": "3.3.1"
},
{
"status": "affected",
"version": "3.3.0 Update 01"
},
{
"status": "affected",
"version": "3.4.0"
},
{
"status": "affected",
"version": "3.4.1"
},
{
"status": "affected",
"version": "3.4.2"
},
{
"status": "affected",
"version": "3.4.1 Update 01"
},
{
"status": "affected",
"version": "3.4.1 Update 02"
},
{
"status": "affected",
"version": "3.4.2 Update 01"
},
{
"status": "affected",
"version": "3.5.0"
},
{
"status": "affected",
"version": "3.5.1"
},
{
"status": "affected",
"version": "3.5.0 Update 01"
},
{
"status": "affected",
"version": "3.5.0 Update 02"
},
{
"status": "affected",
"version": "3.5.0 Update 03"
},
{
"status": "affected",
"version": "3.5.1 Update 01"
},
{
"status": "affected",
"version": "3.5.1 Update 02"
},
{
"status": "affected",
"version": "3.5.1 Update 03"
},
{
"status": "affected",
"version": "3.6.0"
},
{
"status": "affected",
"version": "3.6.0 Update 01"
},
{
"status": "affected",
"version": "3.6.0 Update 02"
},
{
"status": "affected",
"version": "3.6.0 Update 03"
},
{
"status": "affected",
"version": "3.6.0 Update 04"
},
{
"status": "affected",
"version": "2.1"
},
{
"status": "affected",
"version": "2.2"
},
{
"status": "affected",
"version": "3.2"
},
{
"status": "affected",
"version": "3.4_DP1"
},
{
"status": "affected",
"version": "3.4_DP3"
},
{
"status": "affected",
"version": "3.4_DP2"
},
{
"status": "affected",
"version": "3.5_DP1"
},
{
"status": "affected",
"version": "3.4_DP7"
},
{
"status": "affected",
"version": "3.4_DP10"
},
{
"status": "affected",
"version": "3.4_DP5"
},
{
"status": "affected",
"version": "3.1_DP15"
},
{
"status": "affected",
"version": "3.4_DP11"
},
{
"status": "affected",
"version": "3.4_DP8"
},
{
"status": "affected",
"version": "3.7_DP1"
},
{
"status": "affected",
"version": "3.3_DP4"
},
{
"status": "affected",
"version": "3.10_DP1"
},
{
"status": "affected",
"version": "3.8_DP1"
},
{
"status": "affected",
"version": "3.7_DP2"
},
{
"status": "affected",
"version": "3.6_DP1"
},
{
"status": "affected",
"version": "3.1_DP16"
},
{
"status": "affected",
"version": "3.5_DP4"
},
{
"status": "affected",
"version": "3.3_DP3"
},
{
"status": "affected",
"version": "3.2_DP2"
},
{
"status": "affected",
"version": "3.4_DP4"
},
{
"status": "affected",
"version": "3.1_DP14"
},
{
"status": "affected",
"version": "3.1_DP6"
},
{
"status": "affected",
"version": "3.1_DP9"
},
{
"status": "affected",
"version": "3.4_DP6"
},
{
"status": "affected",
"version": "3.2_DP3"
},
{
"status": "affected",
"version": "3.4_DP9"
},
{
"status": "affected",
"version": "3.3_DP2"
},
{
"status": "affected",
"version": "3.2_DP1"
},
{
"status": "affected",
"version": "3.1_DP10"
},
{
"status": "affected",
"version": "3.9_DP1"
},
{
"status": "affected",
"version": "3.3_DP1"
},
{
"status": "affected",
"version": "3.1_DP13"
},
{
"status": "affected",
"version": "3.5_DP2"
},
{
"status": "affected",
"version": "3.1_DP12"
},
{
"status": "affected",
"version": "3.1_DP4"
},
{
"status": "affected",
"version": "3.5_DP3"
},
{
"status": "affected",
"version": "3.1_DP8"
},
{
"status": "affected",
"version": "3.1_DP7"
},
{
"status": "affected",
"version": "3.2_DP4"
},
{
"status": "affected",
"version": "3.1_DP11"
},
{
"status": "affected",
"version": "3.1_DP5"
},
{
"status": "affected",
"version": "3.7.0"
},
{
"status": "affected",
"version": "3.7.1"
},
{
"status": "affected",
"version": "3.7.1 Update 04"
},
{
"status": "affected",
"version": "3.7.1 Update 06"
},
{
"status": "affected",
"version": "3.7.1 Update 07"
},
{
"status": "affected",
"version": "3.7.1 Update 03"
},
{
"status": "affected",
"version": "3.7.0 Update 03"
},
{
"status": "affected",
"version": "3.7.1 Update 01"
},
{
"status": "affected",
"version": "3.7.1 Update 02"
},
{
"status": "affected",
"version": "3.7.1 Update 05"
},
{
"status": "affected",
"version": "3.8.0"
},
{
"status": "affected",
"version": "3.8.1"
},
{
"status": "affected",
"version": "3.8.1 Update 02"
},
{
"status": "affected",
"version": "3.8.1 Update 04"
},
{
"status": "affected",
"version": "3.8.1 Update 01"
},
{
"status": "affected",
"version": "3.8.1 Update 03"
},
{
"status": "affected",
"version": "3.8.0 Update 01"
},
{
"status": "affected",
"version": "3.8.0 Update 02"
},
{
"status": "affected",
"version": "3.9.0"
},
{
"status": "affected",
"version": "3.9.1"
},
{
"status": "affected",
"version": "3.9.1 Update 02"
},
{
"status": "affected",
"version": "3.9.1 Update 03"
},
{
"status": "affected",
"version": "3.9.1 Update 01"
},
{
"status": "affected",
"version": "3.9.1 Update 04"
},
{
"status": "affected",
"version": "3.9.0 Update 01"
},
{
"status": "affected",
"version": "3.10.0"
},
{
"status": "affected",
"version": "3.10.3"
},
{
"status": "affected",
"version": "3.10.1"
},
{
"status": "affected",
"version": "3.10.2"
},
{
"status": "affected",
"version": "3.10 Update 01"
},
{
"status": "affected",
"version": "3.10.4"
},
{
"status": "affected",
"version": "3.10.4 Update 01"
},
{
"status": "affected",
"version": "3.10.4 Update 02"
},
{
"status": "affected",
"version": "3.10.4 Update 03"
},
{
"status": "affected",
"version": "3.10.5"
},
{
"status": "affected",
"version": "3.10.6"
}
]
},
{
"product": "Cisco Evolved Programmable Network Manager (EPNM)",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "1.2.6"
},
{
"status": "affected",
"version": "1.2.2"
},
{
"status": "affected",
"version": "1.2.3"
},
{
"status": "affected",
"version": "1.2.5"
},
{
"status": "affected",
"version": "1.2.1.2"
},
{
"status": "affected",
"version": "1.2.4"
},
{
"status": "affected",
"version": "1.2.7"
},
{
"status": "affected",
"version": "1.2"
},
{
"status": "affected",
"version": "1.2.2.4"
},
{
"status": "affected",
"version": "1.2.4.2"
},
{
"status": "affected",
"version": "2.0.2"
},
{
"status": "affected",
"version": "2.0.4"
},
{
"status": "affected",
"version": "2.0.3"
},
{
"status": "affected",
"version": "2.0.1"
},
{
"status": "affected",
"version": "2.0"
},
{
"status": "affected",
"version": "2.0.1.1"
},
{
"status": "affected",
"version": "2.0.2.1"
},
{
"status": "affected",
"version": "2.0.4.1"
},
{
"status": "affected",
"version": "2.0.4.2"
},
{
"status": "affected",
"version": "2.1.2"
},
{
"status": "affected",
"version": "2.1.3"
},
{
"status": "affected",
"version": "2.1.1"
},
{
"status": "affected",
"version": "2.1"
},
{
"status": "affected",
"version": "2.1.1.1"
},
{
"status": "affected",
"version": "2.1.1.3"
},
{
"status": "affected",
"version": "2.1.1.4"
},
{
"status": "affected",
"version": "2.1.2.2"
},
{
"status": "affected",
"version": "2.1.2.3"
},
{
"status": "affected",
"version": "2.1.3.2"
},
{
"status": "affected",
"version": "2.1.3.3"
},
{
"status": "affected",
"version": "2.1.3.4"
},
{
"status": "affected",
"version": "2.1.3.5"
},
{
"status": "affected",
"version": "2.1.4"
},
{
"status": "affected",
"version": "2.2.1"
},
{
"status": "affected",
"version": "2.2"
},
{
"status": "affected",
"version": "2.2.1.1"
},
{
"status": "affected",
"version": "2.2.1.2"
},
{
"status": "affected",
"version": "2.2.1.3"
},
{
"status": "affected",
"version": "2.2.1.4"
},
{
"status": "affected",
"version": "2.2.3"
},
{
"status": "affected",
"version": "2.2.4"
},
{
"status": "affected",
"version": "2.2.5"
},
{
"status": "affected",
"version": "3.0.1"
},
{
"status": "affected",
"version": "3.0.2"
},
{
"status": "affected",
"version": "3.0.3"
},
{
"status": "affected",
"version": "3.0"
},
{
"status": "affected",
"version": "3.1.1"
},
{
"status": "affected",
"version": "3.1.2"
},
{
"status": "affected",
"version": "3.1.3"
},
{
"status": "affected",
"version": "3.1"
},
{
"status": "affected",
"version": "4.1.1"
},
{
"status": "affected",
"version": "4.1"
},
{
"status": "affected",
"version": "4.1.1.1"
},
{
"status": "affected",
"version": "4.1.1.2"
},
{
"status": "affected",
"version": "4.0.3"
},
{
"status": "affected",
"version": "4.0.1"
},
{
"status": "affected",
"version": "4.0.2"
},
{
"status": "affected",
"version": "4.0"
},
{
"status": "affected",
"version": "4.0.3.1"
},
{
"status": "affected",
"version": "5.0.1"
},
{
"status": "affected",
"version": "5.0.2"
},
{
"status": "affected",
"version": "5.0.2.5"
},
{
"status": "affected",
"version": "5.0.2.3"
},
{
"status": "affected",
"version": "5.0.2.4"
},
{
"status": "affected",
"version": "5.0.2.1"
},
{
"status": "affected",
"version": "5.0.2.2"
},
{
"status": "affected",
"version": "5.0"
},
{
"status": "affected",
"version": "5.0.2.6"
},
{
"status": "affected",
"version": "5.1.1"
},
{
"status": "affected",
"version": "5.1.2"
},
{
"status": "affected",
"version": "5.1.3"
},
{
"status": "affected",
"version": "5.1.4"
},
{
"status": "affected",
"version": "5.1.4.2"
},
{
"status": "affected",
"version": "5.1.4.1"
},
{
"status": "affected",
"version": "5.1.4.3"
},
{
"status": "affected",
"version": "5.1"
},
{
"status": "affected",
"version": "5.1.3.1"
},
{
"status": "affected",
"version": "5.1.3.2"
},
{
"status": "affected",
"version": "5.1.4.4"
},
{
"status": "affected",
"version": "7.0.0"
},
{
"status": "affected",
"version": "7.0.1.3"
},
{
"status": "affected",
"version": "7.0.1.1"
},
{
"status": "affected",
"version": "7.0.1.2"
},
{
"status": "affected",
"version": "7.0.1"
},
{
"status": "affected",
"version": "6.0.0"
},
{
"status": "affected",
"version": "6.0.2"
},
{
"status": "affected",
"version": "6.0.1"
},
{
"status": "affected",
"version": "6.0.2.1"
},
{
"status": "affected",
"version": "6.0.1.1"
},
{
"status": "affected",
"version": "6.0.3"
},
{
"status": "affected",
"version": "6.0.3.1"
},
{
"status": "affected",
"version": "6.1.1"
},
{
"status": "affected",
"version": "6.1.1.1"
},
{
"status": "affected",
"version": "6.1"
},
{
"status": "affected",
"version": "6.1.2"
},
{
"status": "affected",
"version": "6.1.1.2.2"
},
{
"status": "affected",
"version": "6.1.2.1"
},
{
"status": "affected",
"version": "6.1.2.2"
},
{
"status": "affected",
"version": "6.1.2.3"
},
{
"status": "affected",
"version": "7.1.0"
},
{
"status": "affected",
"version": "7.1.3"
},
{
"status": "affected",
"version": "7.1.2.1"
},
{
"status": "affected",
"version": "7.1.2"
},
{
"status": "affected",
"version": "7.1.1"
},
{
"status": "affected",
"version": "7.1.3.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco Evolved Programmable Network Manager (EPNM) and Cisco Prime Infrastructure could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against users of the interface of an affected system.\r\n\r The vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attacker could exploit this vulnerability by inserting malicious code into specific data fields in the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. To exploit this vulnerability, the attacker must have valid administrative credentials.\r\n\r \r\n\r {{value}} [\"%7b%7bvalue%7d%7d\"])}]]"
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-02T16:17:24.683Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-epnmpi-sxss-GSScPGY4",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-epnmpi-sxss-GSScPGY4"
}
],
"source": {
"advisory": "cisco-sa-epnmpi-sxss-GSScPGY4",
"defects": [
"CSCwi37231",
"CSCwi89344",
"CSCwi92642",
"CSCwi55038",
"CSCwi89264",
"CSCwi95616",
"CSCwm51867"
],
"discovery": "INTERNAL"
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2025-20203",
"datePublished": "2025-04-02T16:17:24.683Z",
"dateReserved": "2024-10-10T19:15:13.229Z",
"dateUpdated": "2025-04-02T16:32:01.718Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-20120 (GCVE-0-2025-20120)
Vulnerability from cvelistv5 – Published: 2025-04-02 16:16 – Updated: 2025-04-02 16:33
VLAI?
Summary
A vulnerability in the web-based management interface of Cisco Evolved Programmable Network Manager (EPNM) and Cisco Prime Infrastructure could allow an unauthenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface on an affected device.
This vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of an affected system. An attacker could exploit this vulnerability by injecting malicious code into specific pages of the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information.
Severity ?
6.1 (Medium)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Cisco | Cisco Prime Infrastructure |
Affected:
2.0.0
Affected: 2.0.10 Affected: 2.0.39 Affected: 2.1.0 Affected: 2.1.1 Affected: 2.1.2 Affected: 2.1.56 Affected: 2.2.0 Affected: 2.2.1 Affected: 2.2.2 Affected: 2.2.3 Affected: 2.2.10 Affected: 2.2.8 Affected: 2.2.4 Affected: 2.2.7 Affected: 2.2.5 Affected: 2.2.9 Affected: 2.2.1 Update 01 Affected: 2.2.2 Update 03 Affected: 2.2.2 Update 04 Affected: 2.2.3 Update 02 Affected: 2.2.3 Update 03 Affected: 2.2.3 Update 04 Affected: 2.2.3 Update 05 Affected: 2.2.3 Update 06 Affected: 3.0.0 Affected: 3.0.1 Affected: 3.0.2 Affected: 3.0.3 Affected: 3.0.4 Affected: 3.0.6 Affected: 3.0.5 Affected: 3.0.7 Affected: 3.1.0 Affected: 3.1.1 Affected: 3.1.7 Affected: 3.1.5 Affected: 3.1.2 Affected: 3.1.3 Affected: 3.1.4 Affected: 3.1.6 Affected: 3.2.2 Affected: 3.2.0-FIPS Affected: 3.2.1 Affected: 3.3.0 Affected: 3.3.1 Affected: 3.3.0 Update 01 Affected: 3.4.0 Affected: 3.4.1 Affected: 3.4.2 Affected: 3.4.1 Update 01 Affected: 3.4.1 Update 02 Affected: 3.4.2 Update 01 Affected: 3.5.0 Affected: 3.5.1 Affected: 3.5.0 Update 01 Affected: 3.5.0 Update 02 Affected: 3.5.0 Update 03 Affected: 3.5.1 Update 01 Affected: 3.5.1 Update 02 Affected: 3.5.1 Update 03 Affected: 3.6.0 Affected: 3.6.0 Update 01 Affected: 3.6.0 Update 02 Affected: 3.6.0 Update 03 Affected: 3.6.0 Update 04 Affected: 2.1 Affected: 2.2 Affected: 3.2 Affected: 3.4_DP1 Affected: 3.4_DP3 Affected: 3.4_DP2 Affected: 3.5_DP1 Affected: 3.4_DP7 Affected: 3.4_DP10 Affected: 3.4_DP5 Affected: 3.1_DP15 Affected: 3.4_DP11 Affected: 3.4_DP8 Affected: 3.7_DP1 Affected: 3.3_DP4 Affected: 3.10_DP1 Affected: 3.8_DP1 Affected: 3.7_DP2 Affected: 3.6_DP1 Affected: 3.1_DP16 Affected: 3.5_DP4 Affected: 3.3_DP3 Affected: 3.2_DP2 Affected: 3.4_DP4 Affected: 3.1_DP14 Affected: 3.1_DP6 Affected: 3.1_DP9 Affected: 3.4_DP6 Affected: 3.2_DP3 Affected: 3.4_DP9 Affected: 3.3_DP2 Affected: 3.2_DP1 Affected: 3.1_DP10 Affected: 3.9_DP1 Affected: 3.3_DP1 Affected: 3.1_DP13 Affected: 3.5_DP2 Affected: 3.1_DP12 Affected: 3.1_DP4 Affected: 3.5_DP3 Affected: 3.1_DP8 Affected: 3.1_DP7 Affected: 3.2_DP4 Affected: 3.1_DP11 Affected: 3.1_DP5 Affected: 3.7.0 Affected: 3.7.1 Affected: 3.7.1 Update 04 Affected: 3.7.1 Update 06 Affected: 3.7.1 Update 07 Affected: 3.7.1 Update 03 Affected: 3.7.0 Update 03 Affected: 3.7.1 Update 01 Affected: 3.7.1 Update 02 Affected: 3.7.1 Update 05 Affected: 3.8.0 Affected: 3.8.1 Affected: 3.8.1 Update 02 Affected: 3.8.1 Update 04 Affected: 3.8.1 Update 01 Affected: 3.8.1 Update 03 Affected: 3.8.0 Update 01 Affected: 3.8.0 Update 02 Affected: 3.9.0 Affected: 3.9.1 Affected: 3.9.1 Update 02 Affected: 3.9.1 Update 03 Affected: 3.9.1 Update 01 Affected: 3.9.1 Update 04 Affected: 3.9.0 Update 01 Affected: 3.10.0 Affected: 3.10.3 Affected: 3.10.1 Affected: 3.10.2 Affected: 3.10 Update 01 Affected: 3.10.4 Affected: 3.10.4 Update 01 Affected: 3.10.4 Update 02 Affected: 3.10.4 Update 03 Affected: 3.10.5 Affected: 3.10.6 |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-20120",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-02T16:32:20.496694Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-02T16:33:02.226Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco Prime Infrastructure",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "2.0.0"
},
{
"status": "affected",
"version": "2.0.10"
},
{
"status": "affected",
"version": "2.0.39"
},
{
"status": "affected",
"version": "2.1.0"
},
{
"status": "affected",
"version": "2.1.1"
},
{
"status": "affected",
"version": "2.1.2"
},
{
"status": "affected",
"version": "2.1.56"
},
{
"status": "affected",
"version": "2.2.0"
},
{
"status": "affected",
"version": "2.2.1"
},
{
"status": "affected",
"version": "2.2.2"
},
{
"status": "affected",
"version": "2.2.3"
},
{
"status": "affected",
"version": "2.2.10"
},
{
"status": "affected",
"version": "2.2.8"
},
{
"status": "affected",
"version": "2.2.4"
},
{
"status": "affected",
"version": "2.2.7"
},
{
"status": "affected",
"version": "2.2.5"
},
{
"status": "affected",
"version": "2.2.9"
},
{
"status": "affected",
"version": "2.2.1 Update 01"
},
{
"status": "affected",
"version": "2.2.2 Update 03"
},
{
"status": "affected",
"version": "2.2.2 Update 04"
},
{
"status": "affected",
"version": "2.2.3 Update 02"
},
{
"status": "affected",
"version": "2.2.3 Update 03"
},
{
"status": "affected",
"version": "2.2.3 Update 04"
},
{
"status": "affected",
"version": "2.2.3 Update 05"
},
{
"status": "affected",
"version": "2.2.3 Update 06"
},
{
"status": "affected",
"version": "3.0.0"
},
{
"status": "affected",
"version": "3.0.1"
},
{
"status": "affected",
"version": "3.0.2"
},
{
"status": "affected",
"version": "3.0.3"
},
{
"status": "affected",
"version": "3.0.4"
},
{
"status": "affected",
"version": "3.0.6"
},
{
"status": "affected",
"version": "3.0.5"
},
{
"status": "affected",
"version": "3.0.7"
},
{
"status": "affected",
"version": "3.1.0"
},
{
"status": "affected",
"version": "3.1.1"
},
{
"status": "affected",
"version": "3.1.7"
},
{
"status": "affected",
"version": "3.1.5"
},
{
"status": "affected",
"version": "3.1.2"
},
{
"status": "affected",
"version": "3.1.3"
},
{
"status": "affected",
"version": "3.1.4"
},
{
"status": "affected",
"version": "3.1.6"
},
{
"status": "affected",
"version": "3.2.2"
},
{
"status": "affected",
"version": "3.2.0-FIPS"
},
{
"status": "affected",
"version": "3.2.1"
},
{
"status": "affected",
"version": "3.3.0"
},
{
"status": "affected",
"version": "3.3.1"
},
{
"status": "affected",
"version": "3.3.0 Update 01"
},
{
"status": "affected",
"version": "3.4.0"
},
{
"status": "affected",
"version": "3.4.1"
},
{
"status": "affected",
"version": "3.4.2"
},
{
"status": "affected",
"version": "3.4.1 Update 01"
},
{
"status": "affected",
"version": "3.4.1 Update 02"
},
{
"status": "affected",
"version": "3.4.2 Update 01"
},
{
"status": "affected",
"version": "3.5.0"
},
{
"status": "affected",
"version": "3.5.1"
},
{
"status": "affected",
"version": "3.5.0 Update 01"
},
{
"status": "affected",
"version": "3.5.0 Update 02"
},
{
"status": "affected",
"version": "3.5.0 Update 03"
},
{
"status": "affected",
"version": "3.5.1 Update 01"
},
{
"status": "affected",
"version": "3.5.1 Update 02"
},
{
"status": "affected",
"version": "3.5.1 Update 03"
},
{
"status": "affected",
"version": "3.6.0"
},
{
"status": "affected",
"version": "3.6.0 Update 01"
},
{
"status": "affected",
"version": "3.6.0 Update 02"
},
{
"status": "affected",
"version": "3.6.0 Update 03"
},
{
"status": "affected",
"version": "3.6.0 Update 04"
},
{
"status": "affected",
"version": "2.1"
},
{
"status": "affected",
"version": "2.2"
},
{
"status": "affected",
"version": "3.2"
},
{
"status": "affected",
"version": "3.4_DP1"
},
{
"status": "affected",
"version": "3.4_DP3"
},
{
"status": "affected",
"version": "3.4_DP2"
},
{
"status": "affected",
"version": "3.5_DP1"
},
{
"status": "affected",
"version": "3.4_DP7"
},
{
"status": "affected",
"version": "3.4_DP10"
},
{
"status": "affected",
"version": "3.4_DP5"
},
{
"status": "affected",
"version": "3.1_DP15"
},
{
"status": "affected",
"version": "3.4_DP11"
},
{
"status": "affected",
"version": "3.4_DP8"
},
{
"status": "affected",
"version": "3.7_DP1"
},
{
"status": "affected",
"version": "3.3_DP4"
},
{
"status": "affected",
"version": "3.10_DP1"
},
{
"status": "affected",
"version": "3.8_DP1"
},
{
"status": "affected",
"version": "3.7_DP2"
},
{
"status": "affected",
"version": "3.6_DP1"
},
{
"status": "affected",
"version": "3.1_DP16"
},
{
"status": "affected",
"version": "3.5_DP4"
},
{
"status": "affected",
"version": "3.3_DP3"
},
{
"status": "affected",
"version": "3.2_DP2"
},
{
"status": "affected",
"version": "3.4_DP4"
},
{
"status": "affected",
"version": "3.1_DP14"
},
{
"status": "affected",
"version": "3.1_DP6"
},
{
"status": "affected",
"version": "3.1_DP9"
},
{
"status": "affected",
"version": "3.4_DP6"
},
{
"status": "affected",
"version": "3.2_DP3"
},
{
"status": "affected",
"version": "3.4_DP9"
},
{
"status": "affected",
"version": "3.3_DP2"
},
{
"status": "affected",
"version": "3.2_DP1"
},
{
"status": "affected",
"version": "3.1_DP10"
},
{
"status": "affected",
"version": "3.9_DP1"
},
{
"status": "affected",
"version": "3.3_DP1"
},
{
"status": "affected",
"version": "3.1_DP13"
},
{
"status": "affected",
"version": "3.5_DP2"
},
{
"status": "affected",
"version": "3.1_DP12"
},
{
"status": "affected",
"version": "3.1_DP4"
},
{
"status": "affected",
"version": "3.5_DP3"
},
{
"status": "affected",
"version": "3.1_DP8"
},
{
"status": "affected",
"version": "3.1_DP7"
},
{
"status": "affected",
"version": "3.2_DP4"
},
{
"status": "affected",
"version": "3.1_DP11"
},
{
"status": "affected",
"version": "3.1_DP5"
},
{
"status": "affected",
"version": "3.7.0"
},
{
"status": "affected",
"version": "3.7.1"
},
{
"status": "affected",
"version": "3.7.1 Update 04"
},
{
"status": "affected",
"version": "3.7.1 Update 06"
},
{
"status": "affected",
"version": "3.7.1 Update 07"
},
{
"status": "affected",
"version": "3.7.1 Update 03"
},
{
"status": "affected",
"version": "3.7.0 Update 03"
},
{
"status": "affected",
"version": "3.7.1 Update 01"
},
{
"status": "affected",
"version": "3.7.1 Update 02"
},
{
"status": "affected",
"version": "3.7.1 Update 05"
},
{
"status": "affected",
"version": "3.8.0"
},
{
"status": "affected",
"version": "3.8.1"
},
{
"status": "affected",
"version": "3.8.1 Update 02"
},
{
"status": "affected",
"version": "3.8.1 Update 04"
},
{
"status": "affected",
"version": "3.8.1 Update 01"
},
{
"status": "affected",
"version": "3.8.1 Update 03"
},
{
"status": "affected",
"version": "3.8.0 Update 01"
},
{
"status": "affected",
"version": "3.8.0 Update 02"
},
{
"status": "affected",
"version": "3.9.0"
},
{
"status": "affected",
"version": "3.9.1"
},
{
"status": "affected",
"version": "3.9.1 Update 02"
},
{
"status": "affected",
"version": "3.9.1 Update 03"
},
{
"status": "affected",
"version": "3.9.1 Update 01"
},
{
"status": "affected",
"version": "3.9.1 Update 04"
},
{
"status": "affected",
"version": "3.9.0 Update 01"
},
{
"status": "affected",
"version": "3.10.0"
},
{
"status": "affected",
"version": "3.10.3"
},
{
"status": "affected",
"version": "3.10.1"
},
{
"status": "affected",
"version": "3.10.2"
},
{
"status": "affected",
"version": "3.10 Update 01"
},
{
"status": "affected",
"version": "3.10.4"
},
{
"status": "affected",
"version": "3.10.4 Update 01"
},
{
"status": "affected",
"version": "3.10.4 Update 02"
},
{
"status": "affected",
"version": "3.10.4 Update 03"
},
{
"status": "affected",
"version": "3.10.5"
},
{
"status": "affected",
"version": "3.10.6"
}
]
},
{
"product": "Cisco Evolved Programmable Network Manager (EPNM)",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "1.2.6"
},
{
"status": "affected",
"version": "1.2.2"
},
{
"status": "affected",
"version": "1.2.3"
},
{
"status": "affected",
"version": "1.2.5"
},
{
"status": "affected",
"version": "1.2.1.2"
},
{
"status": "affected",
"version": "1.2.4"
},
{
"status": "affected",
"version": "1.2.7"
},
{
"status": "affected",
"version": "1.2"
},
{
"status": "affected",
"version": "1.2.2.4"
},
{
"status": "affected",
"version": "1.2.4.2"
},
{
"status": "affected",
"version": "2.0.2"
},
{
"status": "affected",
"version": "2.0.4"
},
{
"status": "affected",
"version": "2.0.3"
},
{
"status": "affected",
"version": "2.0.1"
},
{
"status": "affected",
"version": "2.0"
},
{
"status": "affected",
"version": "2.0.1.1"
},
{
"status": "affected",
"version": "2.0.2.1"
},
{
"status": "affected",
"version": "2.0.4.1"
},
{
"status": "affected",
"version": "2.0.4.2"
},
{
"status": "affected",
"version": "2.1.2"
},
{
"status": "affected",
"version": "2.1.3"
},
{
"status": "affected",
"version": "2.1.1"
},
{
"status": "affected",
"version": "2.1"
},
{
"status": "affected",
"version": "2.1.1.1"
},
{
"status": "affected",
"version": "2.1.1.3"
},
{
"status": "affected",
"version": "2.1.1.4"
},
{
"status": "affected",
"version": "2.1.2.2"
},
{
"status": "affected",
"version": "2.1.2.3"
},
{
"status": "affected",
"version": "2.1.3.2"
},
{
"status": "affected",
"version": "2.1.3.3"
},
{
"status": "affected",
"version": "2.1.3.4"
},
{
"status": "affected",
"version": "2.1.3.5"
},
{
"status": "affected",
"version": "2.1.4"
},
{
"status": "affected",
"version": "2.2.1"
},
{
"status": "affected",
"version": "2.2"
},
{
"status": "affected",
"version": "2.2.1.1"
},
{
"status": "affected",
"version": "2.2.1.2"
},
{
"status": "affected",
"version": "2.2.1.3"
},
{
"status": "affected",
"version": "2.2.1.4"
},
{
"status": "affected",
"version": "2.2.3"
},
{
"status": "affected",
"version": "2.2.4"
},
{
"status": "affected",
"version": "2.2.5"
},
{
"status": "affected",
"version": "3.0.1"
},
{
"status": "affected",
"version": "3.0.2"
},
{
"status": "affected",
"version": "3.0.3"
},
{
"status": "affected",
"version": "3.0"
},
{
"status": "affected",
"version": "3.1.1"
},
{
"status": "affected",
"version": "3.1.2"
},
{
"status": "affected",
"version": "3.1.3"
},
{
"status": "affected",
"version": "3.1"
},
{
"status": "affected",
"version": "4.1.1"
},
{
"status": "affected",
"version": "4.1"
},
{
"status": "affected",
"version": "4.1.1.1"
},
{
"status": "affected",
"version": "4.1.1.2"
},
{
"status": "affected",
"version": "4.0.3"
},
{
"status": "affected",
"version": "4.0.1"
},
{
"status": "affected",
"version": "4.0.2"
},
{
"status": "affected",
"version": "4.0"
},
{
"status": "affected",
"version": "4.0.3.1"
},
{
"status": "affected",
"version": "5.0.1"
},
{
"status": "affected",
"version": "5.0.2"
},
{
"status": "affected",
"version": "5.0.2.5"
},
{
"status": "affected",
"version": "5.0.2.3"
},
{
"status": "affected",
"version": "5.0.2.4"
},
{
"status": "affected",
"version": "5.0.2.1"
},
{
"status": "affected",
"version": "5.0.2.2"
},
{
"status": "affected",
"version": "5.0"
},
{
"status": "affected",
"version": "5.0.2.6"
},
{
"status": "affected",
"version": "5.1.1"
},
{
"status": "affected",
"version": "5.1.2"
},
{
"status": "affected",
"version": "5.1.3"
},
{
"status": "affected",
"version": "5.1.4"
},
{
"status": "affected",
"version": "5.1.4.2"
},
{
"status": "affected",
"version": "5.1.4.1"
},
{
"status": "affected",
"version": "5.1.4.3"
},
{
"status": "affected",
"version": "5.1"
},
{
"status": "affected",
"version": "5.1.3.1"
},
{
"status": "affected",
"version": "5.1.3.2"
},
{
"status": "affected",
"version": "5.1.4.4"
},
{
"status": "affected",
"version": "7.0.0"
},
{
"status": "affected",
"version": "7.0.1.3"
},
{
"status": "affected",
"version": "7.0.1.1"
},
{
"status": "affected",
"version": "7.0.1.2"
},
{
"status": "affected",
"version": "7.0.1"
},
{
"status": "affected",
"version": "6.0.0"
},
{
"status": "affected",
"version": "6.0.2"
},
{
"status": "affected",
"version": "6.0.1"
},
{
"status": "affected",
"version": "6.0.2.1"
},
{
"status": "affected",
"version": "6.0.1.1"
},
{
"status": "affected",
"version": "6.0.3"
},
{
"status": "affected",
"version": "6.0.3.1"
},
{
"status": "affected",
"version": "6.1.1"
},
{
"status": "affected",
"version": "6.1.1.1"
},
{
"status": "affected",
"version": "6.1"
},
{
"status": "affected",
"version": "6.1.2"
},
{
"status": "affected",
"version": "6.1.1.2.2"
},
{
"status": "affected",
"version": "6.1.2.1"
},
{
"status": "affected",
"version": "6.1.2.2"
},
{
"status": "affected",
"version": "7.1.0"
},
{
"status": "affected",
"version": "7.1.3"
},
{
"status": "affected",
"version": "7.1.2.1"
},
{
"status": "affected",
"version": "7.1.2"
},
{
"status": "affected",
"version": "7.1.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco Evolved Programmable Network Manager (EPNM) and Cisco Prime Infrastructure could allow an unauthenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface on an affected device.\r\n\r This vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of an affected system. An attacker could exploit this vulnerability by injecting malicious code into specific pages of the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-02T16:16:54.694Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-epnmpi-sxss-GSScPGY4",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-epnmpi-sxss-GSScPGY4"
}
],
"source": {
"advisory": "cisco-sa-epnmpi-sxss-GSScPGY4",
"defects": [
"CSCwm66634",
"CSCwm66949"
],
"discovery": "EXTERNAL"
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2025-20120",
"datePublished": "2025-04-02T16:16:54.694Z",
"dateReserved": "2024-10-10T19:15:13.211Z",
"dateUpdated": "2025-04-02T16:33:02.226Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-20657 (GCVE-0-2022-20657)
Vulnerability from cvelistv5 – Published: 2024-11-15 15:39 – Updated: 2024-11-15 16:18
VLAI?
Summary
A vulnerability in the web-based management interface of Cisco PI and Cisco EPNM could allow an unauthenticated, remote attacker to conduct an XSS attack against a user of the interface of an affected device.
This vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attacker could exploit this vulnerability by persuading a user of an affected interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information.Cisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities.
Severity ?
6.1 (Medium)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Cisco | Cisco Evolved Programmable Network Manager (EPNM) |
Affected:
3.0.1
Affected: 3.1.2 Affected: 1.2 Affected: 3.1.1 Affected: 3.1.3 Affected: 3.1 Affected: 3.0.3 Affected: 3.0.2 Affected: 3.0 Affected: 2.2 Affected: 1.1 Affected: 2.1 Affected: 2.0 Affected: 4.1 Affected: 4.1.1 Affected: 4.0.3 Affected: 4.0.1 Affected: 4.0.2 Affected: 4.0 Affected: 5.0 Affected: 5.0.1 Affected: 5.1.1 Affected: 5.1 Affected: 5.0.2 Affected: 5.1.2 |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-20657",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-15T16:15:51.507495Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-15T16:18:19.097Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco Evolved Programmable Network Manager (EPNM)",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "3.0.1"
},
{
"status": "affected",
"version": "3.1.2"
},
{
"status": "affected",
"version": "1.2"
},
{
"status": "affected",
"version": "3.1.1"
},
{
"status": "affected",
"version": "3.1.3"
},
{
"status": "affected",
"version": "3.1"
},
{
"status": "affected",
"version": "3.0.3"
},
{
"status": "affected",
"version": "3.0.2"
},
{
"status": "affected",
"version": "3.0"
},
{
"status": "affected",
"version": "2.2"
},
{
"status": "affected",
"version": "1.1"
},
{
"status": "affected",
"version": "2.1"
},
{
"status": "affected",
"version": "2.0"
},
{
"status": "affected",
"version": "4.1"
},
{
"status": "affected",
"version": "4.1.1"
},
{
"status": "affected",
"version": "4.0.3"
},
{
"status": "affected",
"version": "4.0.1"
},
{
"status": "affected",
"version": "4.0.2"
},
{
"status": "affected",
"version": "4.0"
},
{
"status": "affected",
"version": "5.0"
},
{
"status": "affected",
"version": "5.0.1"
},
{
"status": "affected",
"version": "5.1.1"
},
{
"status": "affected",
"version": "5.1"
},
{
"status": "affected",
"version": "5.0.2"
},
{
"status": "affected",
"version": "5.1.2"
}
]
},
{
"defaultStatus": "unknown",
"product": "Cisco Prime Infrastructure",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "3.0.0"
},
{
"status": "affected",
"version": "3.1.0"
},
{
"status": "affected",
"version": "3.1.5"
},
{
"status": "affected",
"version": "2.1"
},
{
"status": "affected",
"version": "2.0.0"
},
{
"status": "affected",
"version": "3.6.0"
},
{
"status": "affected",
"version": "3.7.0"
},
{
"status": "affected",
"version": "3.4.0"
},
{
"status": "affected",
"version": "3.3.0"
},
{
"status": "affected",
"version": "3.2"
},
{
"status": "affected",
"version": "3.5.0"
},
{
"status": "affected",
"version": "3.2.0-FIPS"
},
{
"status": "affected",
"version": "2.2"
},
{
"status": "affected",
"version": "3.8.0-FED"
},
{
"status": "affected",
"version": "3.9.0"
},
{
"status": "affected",
"version": "3.8.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco\u0026nbsp;PI and Cisco\u0026nbsp;EPNM could allow an unauthenticated, remote attacker to conduct an XSS attack against a user of the interface of an affected device.\r\nThis vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attacker could exploit this vulnerability by persuading a user of an affected interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information.Cisco\u0026nbsp;has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is aware that proof-of-concept exploit code is available for the vulnerabilities described in this advisory.\r\n\r\nThe Cisco PSIRT is not aware of any malicious use of the vulnerabilities that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-15T15:39:33.492Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-pi-epnm-path-trav-zws324yn",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-pi-epnm-path-trav-zws324yn"
}
],
"source": {
"advisory": "cisco-sa-pi-epnm-path-trav-zws324yn",
"defects": [
"CSCvz43419"
],
"discovery": "EXTERNAL"
},
"title": "Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager Cross-Site Scripting Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2022-20657",
"datePublished": "2024-11-15T15:39:33.492Z",
"dateReserved": "2021-11-02T13:28:29.040Z",
"dateUpdated": "2024-11-15T16:18:19.097Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-20656 (GCVE-0-2022-20656)
Vulnerability from cvelistv5 – Published: 2024-11-15 15:36 – Updated: 2024-11-15 16:22
VLAI?
Summary
A vulnerability in the web-based management interface of Cisco PI and Cisco EPNM could allow an authenticated, remote attacker to conduct a path traversal attack on an affected device. To exploit this vulnerability, the attacker must have valid credentials on the system.
This vulnerability is due to insufficient input validation of the HTTPS URL by the web-based management interface. An attacker could exploit this vulnerability by sending a crafted request that contains directory traversal character sequences to an affected device. A successful exploit could allow the attacker to write arbitrary files to the host system.
Cisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities.
Severity ?
6.5 (Medium)
CWE
- CWE-24 - Path Traversal: '../filedir'
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Cisco | Cisco Evolved Programmable Network Manager (EPNM) |
Affected:
3.0.1
Affected: 3.1.2 Affected: 1.2 Affected: 3.1.1 Affected: 3.1.3 Affected: 3.1 Affected: 3.0.3 Affected: 3.0.2 Affected: 3.0 Affected: 2.2 Affected: 1.1 Affected: 2.1 Affected: 2.0 Affected: 4.1 Affected: 4.1.1 Affected: 4.0.3 Affected: 4.0.1 Affected: 4.0.2 Affected: 4.0 Affected: 5.0 Affected: 5.0.1 Affected: 5.1.1 Affected: 5.1 Affected: 5.0.2 Affected: 5.1.2 |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-20656",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-15T16:22:22.303656Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-15T16:22:46.877Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco Evolved Programmable Network Manager (EPNM)",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "3.0.1"
},
{
"status": "affected",
"version": "3.1.2"
},
{
"status": "affected",
"version": "1.2"
},
{
"status": "affected",
"version": "3.1.1"
},
{
"status": "affected",
"version": "3.1.3"
},
{
"status": "affected",
"version": "3.1"
},
{
"status": "affected",
"version": "3.0.3"
},
{
"status": "affected",
"version": "3.0.2"
},
{
"status": "affected",
"version": "3.0"
},
{
"status": "affected",
"version": "2.2"
},
{
"status": "affected",
"version": "1.1"
},
{
"status": "affected",
"version": "2.1"
},
{
"status": "affected",
"version": "2.0"
},
{
"status": "affected",
"version": "4.1"
},
{
"status": "affected",
"version": "4.1.1"
},
{
"status": "affected",
"version": "4.0.3"
},
{
"status": "affected",
"version": "4.0.1"
},
{
"status": "affected",
"version": "4.0.2"
},
{
"status": "affected",
"version": "4.0"
},
{
"status": "affected",
"version": "5.0"
},
{
"status": "affected",
"version": "5.0.1"
},
{
"status": "affected",
"version": "5.1.1"
},
{
"status": "affected",
"version": "5.1"
},
{
"status": "affected",
"version": "5.0.2"
},
{
"status": "affected",
"version": "5.1.2"
}
]
},
{
"defaultStatus": "unknown",
"product": "Cisco Prime Infrastructure",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "3.0.0"
},
{
"status": "affected",
"version": "3.1.0"
},
{
"status": "affected",
"version": "3.1.5"
},
{
"status": "affected",
"version": "2.1"
},
{
"status": "affected",
"version": "2.0.0"
},
{
"status": "affected",
"version": "3.6.0"
},
{
"status": "affected",
"version": "3.7.0"
},
{
"status": "affected",
"version": "3.4.0"
},
{
"status": "affected",
"version": "3.3.0"
},
{
"status": "affected",
"version": "3.2"
},
{
"status": "affected",
"version": "3.5.0"
},
{
"status": "affected",
"version": "3.2.0-FIPS"
},
{
"status": "affected",
"version": "2.2"
},
{
"status": "affected",
"version": "3.8.0-FED"
},
{
"status": "affected",
"version": "3.9.0"
},
{
"status": "affected",
"version": "3.8.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco\u0026nbsp;PI and Cisco\u0026nbsp;EPNM could allow an authenticated, remote attacker to conduct a path traversal attack on an affected device. To exploit this vulnerability, the attacker must have valid credentials on the system.\r\n\r\nThis vulnerability is due to insufficient input validation of the HTTPS URL by the web-based management interface. An attacker could exploit this vulnerability by sending a crafted request that contains directory traversal character sequences to an affected device. A successful exploit could allow the attacker to write arbitrary files to the host system.\r\nCisco\u0026nbsp;has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco\u00a0PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-24",
"description": "Path Traversal: \u0027../filedir\u0027",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-15T15:36:09.274Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-pi-epnm-path-trav-zws324yn",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-pi-epnm-path-trav-zws324yn"
},
{
"name": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sna-xss-NXOxDhRQ\u003c/a\u003e\u003c/p\u003e\u003cp\u003e\u003cstrong\u003eAttention\u003c/strong\u003e: Simplifying the Cisco\u0026nbsp;portfolio includes the renaming of security products under one brand: Cisco\u0026nbsp;Secure. For more information, see \u003ca href=\"https://www.cisco.com/c/en/us/products/security/secure-names.html\"\u003eMeet Cisco\u0026nbsp;Secure",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sna-xss-NXOxDhRQ"
}
],
"source": {
"advisory": "cisco-sa-pi-epnm-path-trav-zws324yn",
"defects": [
"CSCvz43433"
],
"discovery": "EXTERNAL"
},
"title": "Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager Path Traversal Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2022-20656",
"datePublished": "2024-11-15T15:36:09.274Z",
"dateReserved": "2021-11-02T13:28:29.040Z",
"dateUpdated": "2024-11-15T16:22:46.877Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-20514 (GCVE-0-2024-20514)
Vulnerability from cvelistv5 – Published: 2024-11-06 16:30 – Updated: 2024-11-06 17:04
VLAI?
Summary
A vulnerability in the web-based management interface of Cisco Evolved Programmable Network Manager (EPNM) and Cisco Prime Infrastructure could allow an authenticated, low-privileged, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface.
This vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attacker could exploit this vulnerability by injecting malicious code into a specific page of the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive browser-based information. To exploit this vulnerability, the attacker must have at least a low-privileged account on an affected device.
Severity ?
5.4 (Medium)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Cisco | Cisco Evolved Programmable Network Manager (EPNM) |
Affected:
3.0.1
Affected: 3.1.2 Affected: 1.2 Affected: 3.1.1 Affected: 3.1.3 Affected: 3.1 Affected: 3.0.3 Affected: 3.0.2 Affected: 3.0 Affected: 2.2 Affected: 1.1 Affected: 2.1 Affected: 2.0 Affected: 4.1 Affected: 4.1.1 Affected: 4.0.3 Affected: 4.0.1 Affected: 4.0.2 Affected: 4.0 Affected: 5.0 Affected: 5.0.1 Affected: 5.1.1 Affected: 5.1 Affected: 5.0.2 Affected: 5.1.2 Affected: 5.1.3 Affected: 5.1.4 Affected: 6.1.1 Affected: 6.1 Affected: 6.0.0 Affected: 6.0.1 Affected: 6.0.2 Affected: 7.0.0 Affected: 1.2.5 Affected: 1.2.6 Affected: 2.0.1 Affected: 1.2.2 Affected: 1.2.3 Affected: 1.2.4 Affected: 1.2.7 Affected: 1.2.1.2 Affected: 2.2.1 Affected: 2.1.3 Affected: 2.0.2 Affected: 2.0.3 Affected: 2.1.2 Affected: 2.0.4 Affected: 2.1.1 Affected: 5.0.2.5 Affected: 5.1.4.3 Affected: 6.0.2.1 Affected: 6.1.1.1 Affected: 5.0.2.1 Affected: 5.0.2.2 Affected: 5.0.2.3 Affected: 5.0.2.4 Affected: 5.1.4.1 Affected: 5.1.4.2 Affected: 2.1.4 Affected: 2.2.4 Affected: 2.2.3 Affected: 2.2.5 Affected: 5.1.3.2 Affected: 5.1.3.1 Affected: 6.0.1.1 Affected: 4.1.1.2 Affected: 4.1.1.1 Affected: 4.0.3.1 Affected: 2.0.1.1 Affected: 2.1.1.3 Affected: 2.1.1.1 Affected: 2.1.1.4 Affected: 2.0.4.2 Affected: 2.0.4.1 Affected: 2.1.2.2 Affected: 2.1.2.3 Affected: 2.0.2.1 Affected: 2.1.3.4 Affected: 2.1.3.3 Affected: 2.1.3.2 Affected: 2.1.3.5 Affected: 2.2.1.2 Affected: 2.2.1.1 Affected: 2.2.1.4 Affected: 2.2.1.3 Affected: 1.2.4.2 Affected: 1.2.2.4 Affected: 6.0.3 Affected: 5.1.4.4 Affected: 5.0.2.6 Affected: 6.0.3.1 Affected: 6.1.2 Affected: 6.1.1.2.2 Affected: 6.1.2.1 Affected: 6.1.2.2 Affected: 7.1.1 Affected: 7.1.2.1 Affected: 7.0.1.3 Affected: 7.1.3 Affected: 7.1.2 Affected: 7.0.1.2 Affected: 7.0.1.1 Affected: 7.0.1 Affected: 7.1.0 |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-20514",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-06T17:04:18.651564Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-06T17:04:27.239Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco Evolved Programmable Network Manager (EPNM)",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "3.0.1"
},
{
"status": "affected",
"version": "3.1.2"
},
{
"status": "affected",
"version": "1.2"
},
{
"status": "affected",
"version": "3.1.1"
},
{
"status": "affected",
"version": "3.1.3"
},
{
"status": "affected",
"version": "3.1"
},
{
"status": "affected",
"version": "3.0.3"
},
{
"status": "affected",
"version": "3.0.2"
},
{
"status": "affected",
"version": "3.0"
},
{
"status": "affected",
"version": "2.2"
},
{
"status": "affected",
"version": "1.1"
},
{
"status": "affected",
"version": "2.1"
},
{
"status": "affected",
"version": "2.0"
},
{
"status": "affected",
"version": "4.1"
},
{
"status": "affected",
"version": "4.1.1"
},
{
"status": "affected",
"version": "4.0.3"
},
{
"status": "affected",
"version": "4.0.1"
},
{
"status": "affected",
"version": "4.0.2"
},
{
"status": "affected",
"version": "4.0"
},
{
"status": "affected",
"version": "5.0"
},
{
"status": "affected",
"version": "5.0.1"
},
{
"status": "affected",
"version": "5.1.1"
},
{
"status": "affected",
"version": "5.1"
},
{
"status": "affected",
"version": "5.0.2"
},
{
"status": "affected",
"version": "5.1.2"
},
{
"status": "affected",
"version": "5.1.3"
},
{
"status": "affected",
"version": "5.1.4"
},
{
"status": "affected",
"version": "6.1.1"
},
{
"status": "affected",
"version": "6.1"
},
{
"status": "affected",
"version": "6.0.0"
},
{
"status": "affected",
"version": "6.0.1"
},
{
"status": "affected",
"version": "6.0.2"
},
{
"status": "affected",
"version": "7.0.0"
},
{
"status": "affected",
"version": "1.2.5"
},
{
"status": "affected",
"version": "1.2.6"
},
{
"status": "affected",
"version": "2.0.1"
},
{
"status": "affected",
"version": "1.2.2"
},
{
"status": "affected",
"version": "1.2.3"
},
{
"status": "affected",
"version": "1.2.4"
},
{
"status": "affected",
"version": "1.2.7"
},
{
"status": "affected",
"version": "1.2.1.2"
},
{
"status": "affected",
"version": "2.2.1"
},
{
"status": "affected",
"version": "2.1.3"
},
{
"status": "affected",
"version": "2.0.2"
},
{
"status": "affected",
"version": "2.0.3"
},
{
"status": "affected",
"version": "2.1.2"
},
{
"status": "affected",
"version": "2.0.4"
},
{
"status": "affected",
"version": "2.1.1"
},
{
"status": "affected",
"version": "5.0.2.5"
},
{
"status": "affected",
"version": "5.1.4.3"
},
{
"status": "affected",
"version": "6.0.2.1"
},
{
"status": "affected",
"version": "6.1.1.1"
},
{
"status": "affected",
"version": "5.0.2.1"
},
{
"status": "affected",
"version": "5.0.2.2"
},
{
"status": "affected",
"version": "5.0.2.3"
},
{
"status": "affected",
"version": "5.0.2.4"
},
{
"status": "affected",
"version": "5.1.4.1"
},
{
"status": "affected",
"version": "5.1.4.2"
},
{
"status": "affected",
"version": "2.1.4"
},
{
"status": "affected",
"version": "2.2.4"
},
{
"status": "affected",
"version": "2.2.3"
},
{
"status": "affected",
"version": "2.2.5"
},
{
"status": "affected",
"version": "5.1.3.2"
},
{
"status": "affected",
"version": "5.1.3.1"
},
{
"status": "affected",
"version": "6.0.1.1"
},
{
"status": "affected",
"version": "4.1.1.2"
},
{
"status": "affected",
"version": "4.1.1.1"
},
{
"status": "affected",
"version": "4.0.3.1"
},
{
"status": "affected",
"version": "2.0.1.1"
},
{
"status": "affected",
"version": "2.1.1.3"
},
{
"status": "affected",
"version": "2.1.1.1"
},
{
"status": "affected",
"version": "2.1.1.4"
},
{
"status": "affected",
"version": "2.0.4.2"
},
{
"status": "affected",
"version": "2.0.4.1"
},
{
"status": "affected",
"version": "2.1.2.2"
},
{
"status": "affected",
"version": "2.1.2.3"
},
{
"status": "affected",
"version": "2.0.2.1"
},
{
"status": "affected",
"version": "2.1.3.4"
},
{
"status": "affected",
"version": "2.1.3.3"
},
{
"status": "affected",
"version": "2.1.3.2"
},
{
"status": "affected",
"version": "2.1.3.5"
},
{
"status": "affected",
"version": "2.2.1.2"
},
{
"status": "affected",
"version": "2.2.1.1"
},
{
"status": "affected",
"version": "2.2.1.4"
},
{
"status": "affected",
"version": "2.2.1.3"
},
{
"status": "affected",
"version": "1.2.4.2"
},
{
"status": "affected",
"version": "1.2.2.4"
},
{
"status": "affected",
"version": "6.0.3"
},
{
"status": "affected",
"version": "5.1.4.4"
},
{
"status": "affected",
"version": "5.0.2.6"
},
{
"status": "affected",
"version": "6.0.3.1"
},
{
"status": "affected",
"version": "6.1.2"
},
{
"status": "affected",
"version": "6.1.1.2.2"
},
{
"status": "affected",
"version": "6.1.2.1"
},
{
"status": "affected",
"version": "6.1.2.2"
},
{
"status": "affected",
"version": "7.1.1"
},
{
"status": "affected",
"version": "7.1.2.1"
},
{
"status": "affected",
"version": "7.0.1.3"
},
{
"status": "affected",
"version": "7.1.3"
},
{
"status": "affected",
"version": "7.1.2"
},
{
"status": "affected",
"version": "7.0.1.2"
},
{
"status": "affected",
"version": "7.0.1.1"
},
{
"status": "affected",
"version": "7.0.1"
},
{
"status": "affected",
"version": "7.1.0"
}
]
},
{
"defaultStatus": "unknown",
"product": "Cisco Prime Infrastructure",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "3.0.0"
},
{
"status": "affected",
"version": "3.1.0"
},
{
"status": "affected",
"version": "3.1.5"
},
{
"status": "affected",
"version": "2.1"
},
{
"status": "affected",
"version": "2.0.0"
},
{
"status": "affected",
"version": "3.6.0"
},
{
"status": "affected",
"version": "3.7.0"
},
{
"status": "affected",
"version": "3.4.0"
},
{
"status": "affected",
"version": "3.3.0"
},
{
"status": "affected",
"version": "3.2"
},
{
"status": "affected",
"version": "3.5.0"
},
{
"status": "affected",
"version": "3.2.0-FIPS"
},
{
"status": "affected",
"version": "2.2"
},
{
"status": "affected",
"version": "3.8.0-FED"
},
{
"status": "affected",
"version": "3.9.0"
},
{
"status": "affected",
"version": "3.8.0"
},
{
"status": "affected",
"version": "3.10.0"
},
{
"status": "affected",
"version": "3.1.1"
},
{
"status": "affected",
"version": "2.1.2"
},
{
"status": "affected",
"version": "2.2.1"
},
{
"status": "affected",
"version": "2.2.0"
},
{
"status": "affected",
"version": "3.0.2"
},
{
"status": "affected",
"version": "3.0.3"
},
{
"status": "affected",
"version": "3.0.1"
},
{
"status": "affected",
"version": "2.2.2"
},
{
"status": "affected",
"version": "2.2.3"
},
{
"status": "affected",
"version": "2.1.0"
},
{
"status": "affected",
"version": "2.1.1"
},
{
"status": "affected",
"version": "3.9.1"
},
{
"status": "affected",
"version": "2.0.10"
},
{
"status": "affected",
"version": "3.8.1"
},
{
"status": "affected",
"version": "3.7.1"
},
{
"status": "affected",
"version": "3.5.1"
},
{
"status": "affected",
"version": "3.4.2"
},
{
"status": "affected",
"version": "3.3.1"
},
{
"status": "affected",
"version": "3.1.7"
},
{
"status": "affected",
"version": "3.2.1"
},
{
"status": "affected",
"version": "3.2.2"
},
{
"status": "affected",
"version": "3.1.6"
},
{
"status": "affected",
"version": "3.1.2"
},
{
"status": "affected",
"version": "3.4.1"
},
{
"status": "affected",
"version": "3.1.3"
},
{
"status": "affected",
"version": "3.1.4"
},
{
"status": "affected",
"version": "3.0.6"
},
{
"status": "affected",
"version": "2.2.10"
},
{
"status": "affected",
"version": "3.0.4"
},
{
"status": "affected",
"version": "3.0.5"
},
{
"status": "affected",
"version": "2.1.56"
},
{
"status": "affected",
"version": "2.2.4"
},
{
"status": "affected",
"version": "2.2.9"
},
{
"status": "affected",
"version": "2.2.8"
},
{
"status": "affected",
"version": "2.2.5"
},
{
"status": "affected",
"version": "2.2.7"
},
{
"status": "affected",
"version": "2.0.39"
},
{
"status": "affected",
"version": "3.8_DP1"
},
{
"status": "affected",
"version": "3.9_DP1"
},
{
"status": "affected",
"version": "3.7_DP2"
},
{
"status": "affected",
"version": "3.6_DP1"
},
{
"status": "affected",
"version": "3.5_DP4"
},
{
"status": "affected",
"version": "3.5_DP2"
},
{
"status": "affected",
"version": "3.4_DP10"
},
{
"status": "affected",
"version": "3.7_DP1"
},
{
"status": "affected",
"version": "3.5_DP3"
},
{
"status": "affected",
"version": "3.4_DP11"
},
{
"status": "affected",
"version": "3.5_DP1"
},
{
"status": "affected",
"version": "3.4_DP8"
},
{
"status": "affected",
"version": "3.4_DP1"
},
{
"status": "affected",
"version": "3.4_DP3"
},
{
"status": "affected",
"version": "3.4_DP5"
},
{
"status": "affected",
"version": "3.4_DP2"
},
{
"status": "affected",
"version": "3.4_DP7"
},
{
"status": "affected",
"version": "3.4_DP6"
},
{
"status": "affected",
"version": "3.3_DP4"
},
{
"status": "affected",
"version": "3.4_DP4"
},
{
"status": "affected",
"version": "3.4_DP9"
},
{
"status": "affected",
"version": "3.1_DP16"
},
{
"status": "affected",
"version": "3.3_DP2"
},
{
"status": "affected",
"version": "3.3_DP3"
},
{
"status": "affected",
"version": "3.1_DP15"
},
{
"status": "affected",
"version": "3.3_DP1"
},
{
"status": "affected",
"version": "3.1_DP13"
},
{
"status": "affected",
"version": "3.2_DP2"
},
{
"status": "affected",
"version": "3.2_DP1"
},
{
"status": "affected",
"version": "3.2_DP3"
},
{
"status": "affected",
"version": "3.1_DP14"
},
{
"status": "affected",
"version": "3.2_DP4"
},
{
"status": "affected",
"version": "3.1_DP7"
},
{
"status": "affected",
"version": "3.1_DP10"
},
{
"status": "affected",
"version": "3.1_DP11"
},
{
"status": "affected",
"version": "3.1_DP4"
},
{
"status": "affected",
"version": "3.1_DP6"
},
{
"status": "affected",
"version": "3.1_DP12"
},
{
"status": "affected",
"version": "3.1_DP5"
},
{
"status": "affected",
"version": "3.0.7"
},
{
"status": "affected",
"version": "3.1_DP9"
},
{
"status": "affected",
"version": "3.1_DP8"
},
{
"status": "affected",
"version": "3.10_DP1"
},
{
"status": "affected",
"version": "3.10.2"
},
{
"status": "affected",
"version": "3.10.3"
},
{
"status": "affected",
"version": "3.10"
},
{
"status": "affected",
"version": "3.10.1"
},
{
"status": "affected",
"version": "3.7.1 Update 03"
},
{
"status": "affected",
"version": "3.7.1 Update 04"
},
{
"status": "affected",
"version": "3.7.1 Update 06"
},
{
"status": "affected",
"version": "3.7.1 Update 07"
},
{
"status": "affected",
"version": "3.8.1 Update 01"
},
{
"status": "affected",
"version": "3.8.1 Update 02"
},
{
"status": "affected",
"version": "3.8.1 Update 03"
},
{
"status": "affected",
"version": "3.8.1 Update 04"
},
{
"status": "affected",
"version": "3.9.1 Update 01"
},
{
"status": "affected",
"version": "3.9.1 Update 02"
},
{
"status": "affected",
"version": "3.9.1 Update 03"
},
{
"status": "affected",
"version": "3.9.1 Update 04"
},
{
"status": "affected",
"version": "3.10 Update 01"
},
{
"status": "affected",
"version": "3.4.2 Update 01"
},
{
"status": "affected",
"version": "3.6.0 Update 04"
},
{
"status": "affected",
"version": "3.6.0 Update 02"
},
{
"status": "affected",
"version": "3.6.0 Update 03"
},
{
"status": "affected",
"version": "3.6.0 Update 01"
},
{
"status": "affected",
"version": "3.5.1 Update 03"
},
{
"status": "affected",
"version": "3.5.1 Update 01"
},
{
"status": "affected",
"version": "3.5.1 Update 02"
},
{
"status": "affected",
"version": "3.7.0 Update 03"
},
{
"status": "affected",
"version": "2.2.3 Update 05"
},
{
"status": "affected",
"version": "2.2.3 Update 04"
},
{
"status": "affected",
"version": "2.2.3 Update 06"
},
{
"status": "affected",
"version": "2.2.3 Update 03"
},
{
"status": "affected",
"version": "2.2.3 Update 02"
},
{
"status": "affected",
"version": "2.2.1 Update 01"
},
{
"status": "affected",
"version": "2.2.2 Update 03"
},
{
"status": "affected",
"version": "2.2.2 Update 04"
},
{
"status": "affected",
"version": "3.8.0 Update 01"
},
{
"status": "affected",
"version": "3.8.0 Update 02"
},
{
"status": "affected",
"version": "3.7.1 Update 01"
},
{
"status": "affected",
"version": "3.7.1 Update 02"
},
{
"status": "affected",
"version": "3.7.1 Update 05"
},
{
"status": "affected",
"version": "3.9.0 Update 01"
},
{
"status": "affected",
"version": "3.3.0 Update 01"
},
{
"status": "affected",
"version": "3.4.1 Update 02"
},
{
"status": "affected",
"version": "3.4.1 Update 01"
},
{
"status": "affected",
"version": "3.5.0 Update 03"
},
{
"status": "affected",
"version": "3.5.0 Update 01"
},
{
"status": "affected",
"version": "3.5.0 Update 02"
},
{
"status": "affected",
"version": "3.10.4"
},
{
"status": "affected",
"version": "3.10.4 Update 01"
},
{
"status": "affected",
"version": "3.10.4 Update 02"
},
{
"status": "affected",
"version": "3.10.4 Update 03"
},
{
"status": "affected",
"version": "3.10.5"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco Evolved Programmable Network Manager (EPNM) and Cisco Prime Infrastructure could allow an authenticated, low-privileged, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface.\r\n\r\nThis vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attacker could exploit this vulnerability by injecting malicious code into a specific page of the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive browser-based information. To exploit this vulnerability, the attacker must have at least a low-privileged account on an affected device."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-06T16:30:03.159Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-epnmpi-sxss-yyf2zkXs",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-epnmpi-sxss-yyf2zkXs"
}
],
"source": {
"advisory": "cisco-sa-epnmpi-sxss-yyf2zkXs",
"defects": [
"CSCwk83676"
],
"discovery": "INTERNAL"
},
"title": "Cisco Evolved Programmable Network Manager and Cisco Prime Infrastructure Stored Cross-Site Scripting Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2024-20514",
"datePublished": "2024-11-06T16:30:03.159Z",
"dateReserved": "2023-11-08T15:08:07.689Z",
"dateUpdated": "2024-11-06T17:04:27.239Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-20280 (GCVE-0-2025-20280)
Vulnerability from nvd – Published: 2025-09-03 17:40 – Updated: 2025-09-03 17:58
VLAI?
Summary
A vulnerability in the web-based management interface of Cisco Evolved Programmable Network Manager (EPNM) and Cisco Prime Infrastructure could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against users of the interface of an affected system.
This vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attacker could exploit this vulnerability by inserting malicious code into specific data fields in the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. To exploit this vulnerability, an attacker must have valid administrative credentials.
Severity ?
4.8 (Medium)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Cisco | Cisco Evolved Programmable Network Manager (EPNM) |
Affected:
8.0.0
Affected: 8.0.0.1 |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-20280",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-03T17:58:29.898997Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-03T17:58:33.904Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco Evolved Programmable Network Manager (EPNM)",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "8.0.0"
},
{
"status": "affected",
"version": "8.0.0.1"
}
]
},
{
"defaultStatus": "unknown",
"product": "Cisco Prime Infrastructure",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "3.0.0"
},
{
"status": "affected",
"version": "3.1.0"
},
{
"status": "affected",
"version": "3.1.5"
},
{
"status": "affected",
"version": "3.6.0"
},
{
"status": "affected",
"version": "3.7.0"
},
{
"status": "affected",
"version": "3.4.0"
},
{
"status": "affected",
"version": "3.3.0"
},
{
"status": "affected",
"version": "3.2"
},
{
"status": "affected",
"version": "3.5.0"
},
{
"status": "affected",
"version": "3.2.0-FIPS"
},
{
"status": "affected",
"version": "3.8.0-FED"
},
{
"status": "affected",
"version": "3.9.0"
},
{
"status": "affected",
"version": "3.8.0"
},
{
"status": "affected",
"version": "3.10.0"
},
{
"status": "affected",
"version": "3.1.1"
},
{
"status": "affected",
"version": "3.0.2"
},
{
"status": "affected",
"version": "3.0.3"
},
{
"status": "affected",
"version": "3.0.1"
},
{
"status": "affected",
"version": "3.8.1"
},
{
"status": "affected",
"version": "3.7.1"
},
{
"status": "affected",
"version": "3.5.1"
},
{
"status": "affected",
"version": "3.4.2"
},
{
"status": "affected",
"version": "3.3.1"
},
{
"status": "affected",
"version": "3.1.7"
},
{
"status": "affected",
"version": "3.2.1"
},
{
"status": "affected",
"version": "3.2.2"
},
{
"status": "affected",
"version": "3.1.6"
},
{
"status": "affected",
"version": "3.1.2"
},
{
"status": "affected",
"version": "3.4.1"
},
{
"status": "affected",
"version": "3.1.3"
},
{
"status": "affected",
"version": "3.1.4"
},
{
"status": "affected",
"version": "3.0.6"
},
{
"status": "affected",
"version": "3.0.4"
},
{
"status": "affected",
"version": "3.0.5"
},
{
"status": "affected",
"version": "3.0.7"
},
{
"status": "affected",
"version": "3.10.2"
},
{
"status": "affected",
"version": "3.10.3"
},
{
"status": "affected",
"version": "3.10"
},
{
"status": "affected",
"version": "3.10.1"
},
{
"status": "affected",
"version": "3.7.1 Update 03"
},
{
"status": "affected",
"version": "3.7.1 Update 04"
},
{
"status": "affected",
"version": "3.7.1 Update 06"
},
{
"status": "affected",
"version": "3.7.1 Update 07"
},
{
"status": "affected",
"version": "3.8.1 Update 01"
},
{
"status": "affected",
"version": "3.8.1 Update 02"
},
{
"status": "affected",
"version": "3.8.1 Update 03"
},
{
"status": "affected",
"version": "3.8.1 Update 04"
},
{
"status": "affected",
"version": "3.4.2 Update 01"
},
{
"status": "affected",
"version": "3.6.0 Update 04"
},
{
"status": "affected",
"version": "3.6.0 Update 02"
},
{
"status": "affected",
"version": "3.6.0 Update 03"
},
{
"status": "affected",
"version": "3.6.0 Update 01"
},
{
"status": "affected",
"version": "3.5.1 Update 03"
},
{
"status": "affected",
"version": "3.5.1 Update 01"
},
{
"status": "affected",
"version": "3.5.1 Update 02"
},
{
"status": "affected",
"version": "3.7.0 Update 03"
},
{
"status": "affected",
"version": "3.8.0 Update 01"
},
{
"status": "affected",
"version": "3.8.0 Update 02"
},
{
"status": "affected",
"version": "3.7.1 Update 01"
},
{
"status": "affected",
"version": "3.7.1 Update 02"
},
{
"status": "affected",
"version": "3.7.1 Update 05"
},
{
"status": "affected",
"version": "3.3.0 Update 01"
},
{
"status": "affected",
"version": "3.4.1 Update 02"
},
{
"status": "affected",
"version": "3.4.1 Update 01"
},
{
"status": "affected",
"version": "3.5.0 Update 03"
},
{
"status": "affected",
"version": "3.5.0 Update 01"
},
{
"status": "affected",
"version": "3.5.0 Update 02"
},
{
"status": "affected",
"version": "3.10.4"
},
{
"status": "affected",
"version": "3.10.4 Update 01"
},
{
"status": "affected",
"version": "3.10.4 Update 02"
},
{
"status": "affected",
"version": "3.10.4 Update 03"
},
{
"status": "affected",
"version": "3.10.5"
},
{
"status": "affected",
"version": "3.10.6"
},
{
"status": "affected",
"version": "3.10.6 Update 01"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco Evolved Programmable Network Manager (EPNM) and Cisco Prime Infrastructure could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against users of the interface of an affected system.\r\n\r\nThis vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attacker could exploit this vulnerability by inserting malicious code into specific data fields in the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. To exploit this vulnerability, an attacker must have valid administrative credentials."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-03T17:40:21.391Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-epnm-pi-stored-xss-XjQZsyCP",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-epnm-pi-stored-xss-XjQZsyCP"
}
],
"source": {
"advisory": "cisco-sa-epnm-pi-stored-xss-XjQZsyCP",
"defects": [
"CSCwn55544"
],
"discovery": "EXTERNAL"
},
"title": "Cisco Evolved Programmable Network Manager and Cisco Prime Infrastructure Stored Cross-Site Scripting Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2025-20280",
"datePublished": "2025-09-03T17:40:21.391Z",
"dateReserved": "2024-10-10T19:15:13.247Z",
"dateUpdated": "2025-09-03T17:58:33.904Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-20287 (GCVE-0-2025-20287)
Vulnerability from nvd – Published: 2025-09-03 17:40 – Updated: 2025-09-05 17:07
VLAI?
Summary
A vulnerability in the web-based management interface of Cisco Evolved Programmable Network Manager (EPNM) could allow an authenticated, remote attacker to upload arbitrary files to an affected device.
This vulnerability is due to improper validation of files that are uploaded to the web-based management interface. An attacker could exploit this vulnerability by sending a crafted file upload request to a specific API endpoint. A successful exploit could allow the attacker to upload arbitrary files to an affected system. To exploit this vulnerability, an attacker must have at least valid Config Managers credentials on the affected device.
Severity ?
4.3 (Medium)
CWE
- CWE-434 - Unrestricted Upload of File with Dangerous Type
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Evolved Programmable Network Manager (EPNM) |
Affected:
7.0.0
Affected: 7.1.1 Affected: 7.1.2.1 Affected: 7.0.1.3 Affected: 7.1.3 Affected: 7.1.2 Affected: 7.0.1.2 Affected: 7.0.1.1 Affected: 7.0.1 Affected: 7.1.0 Affected: 8.0.0 Affected: 8.0.0.1 Affected: 7.1.3.1 Affected: 7.1.4 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-20287",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-03T17:58:59.228377Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-05T17:07:19.404Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco Evolved Programmable Network Manager (EPNM)",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "7.0.0"
},
{
"status": "affected",
"version": "7.1.1"
},
{
"status": "affected",
"version": "7.1.2.1"
},
{
"status": "affected",
"version": "7.0.1.3"
},
{
"status": "affected",
"version": "7.1.3"
},
{
"status": "affected",
"version": "7.1.2"
},
{
"status": "affected",
"version": "7.0.1.2"
},
{
"status": "affected",
"version": "7.0.1.1"
},
{
"status": "affected",
"version": "7.0.1"
},
{
"status": "affected",
"version": "7.1.0"
},
{
"status": "affected",
"version": "8.0.0"
},
{
"status": "affected",
"version": "8.0.0.1"
},
{
"status": "affected",
"version": "7.1.3.1"
},
{
"status": "affected",
"version": "7.1.4"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco Evolved Programmable Network Manager (EPNM) could allow an authenticated, remote attacker to upload arbitrary files to an affected device.\r\n\r\nThis vulnerability is due to improper validation of files that are uploaded to the web-based management interface. An attacker could exploit this vulnerability by sending a crafted file upload request to a specific API endpoint. A successful exploit could allow the attacker to upload arbitrary files to an affected system. To exploit this vulnerability, an attacker must have at least valid Config Managers credentials on the affected device."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-434",
"description": "Unrestricted Upload of File with Dangerous Type",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-03T17:40:06.650Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-epni-arb-file-upload-jjdM2P83",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-epni-arb-file-upload-jjdM2P83"
}
],
"source": {
"advisory": "cisco-sa-epni-arb-file-upload-jjdM2P83",
"defects": [
"CSCwn55548"
],
"discovery": "EXTERNAL"
},
"title": "Cisco Evolved Programmable Network Manager Arbitrary File Upload Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2025-20287",
"datePublished": "2025-09-03T17:40:06.650Z",
"dateReserved": "2024-10-10T19:15:13.251Z",
"dateUpdated": "2025-09-05T17:07:19.404Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-20270 (GCVE-0-2025-20270)
Vulnerability from nvd – Published: 2025-09-03 17:39 – Updated: 2025-09-05 17:05
VLAI?
Summary
A vulnerability in the web-based management interface of Cisco Evolved Programmable Network Manager (EPNM) and Cisco Prime Infrastructure could allow an authenticated, remote attacker to obtain sensitive information from an affected system.
This vulnerability is due to improper validation of requests to API endpoints. An attacker could exploit this vulnerability by sending a valid request to a specific API endpoint within the affected system. A successful exploit could allow a low-privileged user to view sensitive configuration information on the affected system that should be restricted. To exploit this vulnerability, an attacker must have access as a low-privileged user.
Severity ?
4.3 (Medium)
CWE
- CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Cisco | Cisco Evolved Programmable Network Manager (EPNM) |
Affected:
7.0.0
Affected: 7.1.1 Affected: 7.1.2.1 Affected: 7.0.1.3 Affected: 7.1.3 Affected: 7.1.2 Affected: 7.0.1.2 Affected: 7.0.1.1 Affected: 7.0.1 Affected: 7.1.0 |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-20270",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-03T17:59:26.779785Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-05T17:05:56.337Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco Evolved Programmable Network Manager (EPNM)",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "7.0.0"
},
{
"status": "affected",
"version": "7.1.1"
},
{
"status": "affected",
"version": "7.1.2.1"
},
{
"status": "affected",
"version": "7.0.1.3"
},
{
"status": "affected",
"version": "7.1.3"
},
{
"status": "affected",
"version": "7.1.2"
},
{
"status": "affected",
"version": "7.0.1.2"
},
{
"status": "affected",
"version": "7.0.1.1"
},
{
"status": "affected",
"version": "7.0.1"
},
{
"status": "affected",
"version": "7.1.0"
}
]
},
{
"defaultStatus": "unknown",
"product": "Cisco Prime Infrastructure",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "3.9.0"
},
{
"status": "affected",
"version": "3.10.0"
},
{
"status": "affected",
"version": "3.9.1"
},
{
"status": "affected",
"version": "3.10.2"
},
{
"status": "affected",
"version": "3.10.3"
},
{
"status": "affected",
"version": "3.10"
},
{
"status": "affected",
"version": "3.10.1"
},
{
"status": "affected",
"version": "3.9.1 Update 01"
},
{
"status": "affected",
"version": "3.9.1 Update 02"
},
{
"status": "affected",
"version": "3.9.1 Update 03"
},
{
"status": "affected",
"version": "3.9.1 Update 04"
},
{
"status": "affected",
"version": "3.9.0 Update 01"
},
{
"status": "affected",
"version": "3.10.4"
},
{
"status": "affected",
"version": "3.10.4 Update 01"
},
{
"status": "affected",
"version": "3.10.4 Update 02"
},
{
"status": "affected",
"version": "3.10.4 Update 03"
},
{
"status": "affected",
"version": "3.10.5"
},
{
"status": "affected",
"version": "3.10.6"
},
{
"status": "affected",
"version": "3.10.6 Update 01"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco Evolved Programmable Network Manager (EPNM) and Cisco Prime Infrastructure could allow an authenticated, remote attacker to obtain sensitive information from an affected system.\r\n\r\nThis vulnerability is due to improper validation of requests to API endpoints. An attacker could exploit this vulnerability by sending a valid request to a specific API endpoint within the affected system. A successful exploit could allow a low-privileged user to view sensitive configuration information on the affected system that should be restricted. To exploit this vulnerability, an attacker must have access as a low-privileged user.\u0026nbsp;\u0026nbsp;"
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-03T17:39:46.331Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-epnm-info-dis-zhPPMfgz",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-epnm-info-dis-zhPPMfgz"
}
],
"source": {
"advisory": "cisco-sa-epnm-info-dis-zhPPMfgz",
"defects": [
"CSCwn55506"
],
"discovery": "EXTERNAL"
},
"title": "Cisco Evolved Programmable Network Manager Information Disclosure Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2025-20270",
"datePublished": "2025-09-03T17:39:46.331Z",
"dateReserved": "2024-10-10T19:15:13.245Z",
"dateUpdated": "2025-09-05T17:05:56.337Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-20269 (GCVE-0-2025-20269)
Vulnerability from nvd – Published: 2025-08-20 16:26 – Updated: 2025-08-20 18:42
VLAI?
Summary
A vulnerability in the web-based management interface of Cisco Evolved Programmable Network Manager (EPNM) and Cisco Prime Infrastructure could allow an authenticated, low-privileged, remote attacker to retrieve arbitrary files from the underlying file system on an affected device.
This vulnerability is due to insufficient input validation for specific HTTP requests. An attacker could exploit this vulnerability by sending crafted HTTP requests to the web-based management interface on an affected device. A successful exploit could allow the attacker to access sensitive files from the affected device.
Severity ?
6.5 (Medium)
CWE
- CWE-73 - External Control of File Name or Path
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Cisco | Cisco Evolved Programmable Network Manager (EPNM) |
Affected:
7.0.0
Affected: 7.1.1 Affected: 7.1.2.1 Affected: 7.1.3 Affected: 7.1.2 Affected: 7.0.1.2 Affected: 7.0.1.1 Affected: 7.0.1 Affected: 7.1.0 Affected: 8.0.0 Affected: 8.0.0.1 Affected: 8.1.0 Affected: 8.0.1 |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-20269",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-08-20T18:42:00.712097Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-08-20T18:42:17.278Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco Evolved Programmable Network Manager (EPNM)",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "7.0.0"
},
{
"status": "affected",
"version": "7.1.1"
},
{
"status": "affected",
"version": "7.1.2.1"
},
{
"status": "affected",
"version": "7.1.3"
},
{
"status": "affected",
"version": "7.1.2"
},
{
"status": "affected",
"version": "7.0.1.2"
},
{
"status": "affected",
"version": "7.0.1.1"
},
{
"status": "affected",
"version": "7.0.1"
},
{
"status": "affected",
"version": "7.1.0"
},
{
"status": "affected",
"version": "8.0.0"
},
{
"status": "affected",
"version": "8.0.0.1"
},
{
"status": "affected",
"version": "8.1.0"
},
{
"status": "affected",
"version": "8.0.1"
}
]
},
{
"defaultStatus": "unknown",
"product": "Cisco Prime Infrastructure",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "3.10.0"
},
{
"status": "affected",
"version": "3.10.2"
},
{
"status": "affected",
"version": "3.10.3"
},
{
"status": "affected",
"version": "3.10"
},
{
"status": "affected",
"version": "3.10.1"
},
{
"status": "affected",
"version": "3.10 Update 01"
},
{
"status": "affected",
"version": "3.10.4"
},
{
"status": "affected",
"version": "3.10.4 Update 01"
},
{
"status": "affected",
"version": "3.10.4 Update 02"
},
{
"status": "affected",
"version": "3.10.4 Update 03"
},
{
"status": "affected",
"version": "3.10.5"
},
{
"status": "affected",
"version": "3.10.6"
},
{
"status": "affected",
"version": "3.10.6 Update 01"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco Evolved Programmable Network Manager (EPNM) and Cisco Prime Infrastructure could allow an authenticated, low-privileged, remote attacker to retrieve arbitrary files from the underlying file system on an affected device.\r\n\r\nThis vulnerability is due to insufficient input validation for specific HTTP requests. An attacker could exploit this vulnerability by sending crafted HTTP requests to the web-based management interface on an affected device. A successful exploit could allow the attacker to access\u0026nbsp;sensitive files from the affected device."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-73",
"description": "External Control of File Name or Path",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-20T16:26:23.064Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-pi-epnm-TET4GxBX",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-pi-epnm-TET4GxBX"
},
{
"name": "CSCvd36820",
"url": "https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvd36820"
},
{
"name": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-smi2",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-smi2"
},
{
"name": "Cisco\u0026nbsp;Event Response: March 2018 Semiannual Cisco\u0026nbsp;IOS and IOS XE Software Security Advisory Bundled Publication",
"url": "https://sec.cloudapps.cisco.com/security/center/viewErp.x?alertId=ERP-66682"
}
],
"source": {
"advisory": "cisco-sa-pi-epnm-TET4GxBX",
"defects": [
"CSCwn55539"
],
"discovery": "EXTERNAL"
},
"title": "Cisco Evolved Programmable Network Manager and Prime Infrastructure Arbitrary File Download Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2025-20269",
"datePublished": "2025-08-20T16:26:23.064Z",
"dateReserved": "2024-10-10T19:15:13.245Z",
"dateUpdated": "2025-08-20T18:42:17.278Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-20272 (GCVE-0-2025-20272)
Vulnerability from nvd – Published: 2025-07-16 16:16 – Updated: 2025-07-18 14:30
VLAI?
Summary
A vulnerability in a subset of REST APIs of Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager (EPNM) could allow an authenticated, low-privileged, remote attacker to conduct a blind SQL injection attack.
This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending a crafted request to an affected API. A successful exploit could allow the attacker to view data in some database tables on an affected device.
Severity ?
4.3 (Medium)
CWE
- CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Cisco | Cisco Evolved Programmable Network Manager (EPNM) |
Affected:
3.0.1
Affected: 3.1.2 Affected: 1.2 Affected: 3.1.1 Affected: 3.1.3 Affected: 3.1 Affected: 3.0.3 Affected: 3.0.2 Affected: 3.0 Affected: 2.2 Affected: 1.1 Affected: 2.1 Affected: 2.0 Affected: 4.1 Affected: 4.1.1 Affected: 4.0.3 Affected: 4.0.1 Affected: 4.0.2 Affected: 4.0 Affected: 5.0 Affected: 5.0.1 Affected: 5.1.1 Affected: 5.1 Affected: 5.0.2 Affected: 5.1.2 Affected: 5.1.3 Affected: 5.1.4 Affected: 6.1.1 Affected: 6.1 Affected: 6.0.0 Affected: 6.0.1 Affected: 6.0.2 Affected: 7.0.0 Affected: 1.2.5 Affected: 1.2.6 Affected: 2.0.1 Affected: 1.2.2 Affected: 1.2.3 Affected: 1.2.4 Affected: 1.2.7 Affected: 1.2.1.2 Affected: 2.2.1 Affected: 2.1.3 Affected: 2.0.2 Affected: 2.0.3 Affected: 2.1.2 Affected: 2.0.4 Affected: 2.1.1 Affected: 5.0.2.5 Affected: 5.1.4.3 Affected: 6.0.2.1 Affected: 6.1.1.1 Affected: 5.0.2.1 Affected: 5.0.2.2 Affected: 5.0.2.3 Affected: 5.0.2.4 Affected: 5.1.4.1 Affected: 5.1.4.2 Affected: 2.1.4 Affected: 2.2.4 Affected: 2.2.3 Affected: 2.2.5 Affected: 5.1.3.2 Affected: 5.1.3.1 Affected: 6.0.1.1 Affected: 4.1.1.2 Affected: 4.1.1.1 Affected: 4.0.3.1 Affected: 2.0.1.1 Affected: 2.1.1.3 Affected: 2.1.1.1 Affected: 2.1.1.4 Affected: 2.0.4.2 Affected: 2.0.4.1 Affected: 2.1.2.2 Affected: 2.1.2.3 Affected: 2.0.2.1 Affected: 2.1.3.4 Affected: 2.1.3.3 Affected: 2.1.3.2 Affected: 2.1.3.5 Affected: 2.2.1.2 Affected: 2.2.1.1 Affected: 2.2.1.4 Affected: 2.2.1.3 Affected: 1.2.4.2 Affected: 1.2.2.4 Affected: 6.0.3 Affected: 5.1.4.4 Affected: 5.0.2.6 Affected: 6.0.3.1 Affected: 6.1.2 Affected: 6.1.1.2.2 Affected: 6.1.2.1 Affected: 6.1.2.2 Affected: 7.1.1 Affected: 7.1.2.1 Affected: 7.0.1.3 Affected: 7.1.3 Affected: 7.1.2 Affected: 7.0.1.2 Affected: 7.0.1.1 Affected: 7.0.1 Affected: 7.1.0 Affected: 8.0.0 Affected: 6.1.2.3 Affected: 8.0.0.1 Affected: 7.1.3.1 Affected: 7.1.4 Affected: 8.1.0 |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-20272",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-18T14:30:45.473947Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-18T14:30:51.552Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco Evolved Programmable Network Manager (EPNM)",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "3.0.1"
},
{
"status": "affected",
"version": "3.1.2"
},
{
"status": "affected",
"version": "1.2"
},
{
"status": "affected",
"version": "3.1.1"
},
{
"status": "affected",
"version": "3.1.3"
},
{
"status": "affected",
"version": "3.1"
},
{
"status": "affected",
"version": "3.0.3"
},
{
"status": "affected",
"version": "3.0.2"
},
{
"status": "affected",
"version": "3.0"
},
{
"status": "affected",
"version": "2.2"
},
{
"status": "affected",
"version": "1.1"
},
{
"status": "affected",
"version": "2.1"
},
{
"status": "affected",
"version": "2.0"
},
{
"status": "affected",
"version": "4.1"
},
{
"status": "affected",
"version": "4.1.1"
},
{
"status": "affected",
"version": "4.0.3"
},
{
"status": "affected",
"version": "4.0.1"
},
{
"status": "affected",
"version": "4.0.2"
},
{
"status": "affected",
"version": "4.0"
},
{
"status": "affected",
"version": "5.0"
},
{
"status": "affected",
"version": "5.0.1"
},
{
"status": "affected",
"version": "5.1.1"
},
{
"status": "affected",
"version": "5.1"
},
{
"status": "affected",
"version": "5.0.2"
},
{
"status": "affected",
"version": "5.1.2"
},
{
"status": "affected",
"version": "5.1.3"
},
{
"status": "affected",
"version": "5.1.4"
},
{
"status": "affected",
"version": "6.1.1"
},
{
"status": "affected",
"version": "6.1"
},
{
"status": "affected",
"version": "6.0.0"
},
{
"status": "affected",
"version": "6.0.1"
},
{
"status": "affected",
"version": "6.0.2"
},
{
"status": "affected",
"version": "7.0.0"
},
{
"status": "affected",
"version": "1.2.5"
},
{
"status": "affected",
"version": "1.2.6"
},
{
"status": "affected",
"version": "2.0.1"
},
{
"status": "affected",
"version": "1.2.2"
},
{
"status": "affected",
"version": "1.2.3"
},
{
"status": "affected",
"version": "1.2.4"
},
{
"status": "affected",
"version": "1.2.7"
},
{
"status": "affected",
"version": "1.2.1.2"
},
{
"status": "affected",
"version": "2.2.1"
},
{
"status": "affected",
"version": "2.1.3"
},
{
"status": "affected",
"version": "2.0.2"
},
{
"status": "affected",
"version": "2.0.3"
},
{
"status": "affected",
"version": "2.1.2"
},
{
"status": "affected",
"version": "2.0.4"
},
{
"status": "affected",
"version": "2.1.1"
},
{
"status": "affected",
"version": "5.0.2.5"
},
{
"status": "affected",
"version": "5.1.4.3"
},
{
"status": "affected",
"version": "6.0.2.1"
},
{
"status": "affected",
"version": "6.1.1.1"
},
{
"status": "affected",
"version": "5.0.2.1"
},
{
"status": "affected",
"version": "5.0.2.2"
},
{
"status": "affected",
"version": "5.0.2.3"
},
{
"status": "affected",
"version": "5.0.2.4"
},
{
"status": "affected",
"version": "5.1.4.1"
},
{
"status": "affected",
"version": "5.1.4.2"
},
{
"status": "affected",
"version": "2.1.4"
},
{
"status": "affected",
"version": "2.2.4"
},
{
"status": "affected",
"version": "2.2.3"
},
{
"status": "affected",
"version": "2.2.5"
},
{
"status": "affected",
"version": "5.1.3.2"
},
{
"status": "affected",
"version": "5.1.3.1"
},
{
"status": "affected",
"version": "6.0.1.1"
},
{
"status": "affected",
"version": "4.1.1.2"
},
{
"status": "affected",
"version": "4.1.1.1"
},
{
"status": "affected",
"version": "4.0.3.1"
},
{
"status": "affected",
"version": "2.0.1.1"
},
{
"status": "affected",
"version": "2.1.1.3"
},
{
"status": "affected",
"version": "2.1.1.1"
},
{
"status": "affected",
"version": "2.1.1.4"
},
{
"status": "affected",
"version": "2.0.4.2"
},
{
"status": "affected",
"version": "2.0.4.1"
},
{
"status": "affected",
"version": "2.1.2.2"
},
{
"status": "affected",
"version": "2.1.2.3"
},
{
"status": "affected",
"version": "2.0.2.1"
},
{
"status": "affected",
"version": "2.1.3.4"
},
{
"status": "affected",
"version": "2.1.3.3"
},
{
"status": "affected",
"version": "2.1.3.2"
},
{
"status": "affected",
"version": "2.1.3.5"
},
{
"status": "affected",
"version": "2.2.1.2"
},
{
"status": "affected",
"version": "2.2.1.1"
},
{
"status": "affected",
"version": "2.2.1.4"
},
{
"status": "affected",
"version": "2.2.1.3"
},
{
"status": "affected",
"version": "1.2.4.2"
},
{
"status": "affected",
"version": "1.2.2.4"
},
{
"status": "affected",
"version": "6.0.3"
},
{
"status": "affected",
"version": "5.1.4.4"
},
{
"status": "affected",
"version": "5.0.2.6"
},
{
"status": "affected",
"version": "6.0.3.1"
},
{
"status": "affected",
"version": "6.1.2"
},
{
"status": "affected",
"version": "6.1.1.2.2"
},
{
"status": "affected",
"version": "6.1.2.1"
},
{
"status": "affected",
"version": "6.1.2.2"
},
{
"status": "affected",
"version": "7.1.1"
},
{
"status": "affected",
"version": "7.1.2.1"
},
{
"status": "affected",
"version": "7.0.1.3"
},
{
"status": "affected",
"version": "7.1.3"
},
{
"status": "affected",
"version": "7.1.2"
},
{
"status": "affected",
"version": "7.0.1.2"
},
{
"status": "affected",
"version": "7.0.1.1"
},
{
"status": "affected",
"version": "7.0.1"
},
{
"status": "affected",
"version": "7.1.0"
},
{
"status": "affected",
"version": "8.0.0"
},
{
"status": "affected",
"version": "6.1.2.3"
},
{
"status": "affected",
"version": "8.0.0.1"
},
{
"status": "affected",
"version": "7.1.3.1"
},
{
"status": "affected",
"version": "7.1.4"
},
{
"status": "affected",
"version": "8.1.0"
}
]
},
{
"defaultStatus": "unknown",
"product": "Cisco Prime Infrastructure",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "3.0.0"
},
{
"status": "affected",
"version": "3.1.0"
},
{
"status": "affected",
"version": "3.1.5"
},
{
"status": "affected",
"version": "2.1"
},
{
"status": "affected",
"version": "2.0.0"
},
{
"status": "affected",
"version": "3.6.0"
},
{
"status": "affected",
"version": "3.7.0"
},
{
"status": "affected",
"version": "3.4.0"
},
{
"status": "affected",
"version": "3.3.0"
},
{
"status": "affected",
"version": "3.2"
},
{
"status": "affected",
"version": "3.5.0"
},
{
"status": "affected",
"version": "3.2.0-FIPS"
},
{
"status": "affected",
"version": "2.2"
},
{
"status": "affected",
"version": "3.8.0-FED"
},
{
"status": "affected",
"version": "3.9.0"
},
{
"status": "affected",
"version": "3.8.0"
},
{
"status": "affected",
"version": "3.10.0"
},
{
"status": "affected",
"version": "3.1.1"
},
{
"status": "affected",
"version": "2.1.2"
},
{
"status": "affected",
"version": "2.2.1"
},
{
"status": "affected",
"version": "2.2.0"
},
{
"status": "affected",
"version": "3.0.2"
},
{
"status": "affected",
"version": "3.0.3"
},
{
"status": "affected",
"version": "3.0.1"
},
{
"status": "affected",
"version": "2.2.2"
},
{
"status": "affected",
"version": "2.2.3"
},
{
"status": "affected",
"version": "2.1.0"
},
{
"status": "affected",
"version": "2.1.1"
},
{
"status": "affected",
"version": "3.9.1"
},
{
"status": "affected",
"version": "2.0.10"
},
{
"status": "affected",
"version": "3.8.1"
},
{
"status": "affected",
"version": "3.7.1"
},
{
"status": "affected",
"version": "3.5.1"
},
{
"status": "affected",
"version": "3.4.2"
},
{
"status": "affected",
"version": "3.3.1"
},
{
"status": "affected",
"version": "3.1.7"
},
{
"status": "affected",
"version": "3.2.1"
},
{
"status": "affected",
"version": "3.2.2"
},
{
"status": "affected",
"version": "3.1.6"
},
{
"status": "affected",
"version": "3.1.2"
},
{
"status": "affected",
"version": "3.4.1"
},
{
"status": "affected",
"version": "3.1.3"
},
{
"status": "affected",
"version": "3.1.4"
},
{
"status": "affected",
"version": "3.0.6"
},
{
"status": "affected",
"version": "2.2.10"
},
{
"status": "affected",
"version": "3.0.4"
},
{
"status": "affected",
"version": "3.0.5"
},
{
"status": "affected",
"version": "2.1.56"
},
{
"status": "affected",
"version": "2.2.4"
},
{
"status": "affected",
"version": "2.2.9"
},
{
"status": "affected",
"version": "2.2.8"
},
{
"status": "affected",
"version": "2.2.5"
},
{
"status": "affected",
"version": "2.2.7"
},
{
"status": "affected",
"version": "2.0.39"
},
{
"status": "affected",
"version": "3.8_DP1"
},
{
"status": "affected",
"version": "3.9_DP1"
},
{
"status": "affected",
"version": "3.7_DP2"
},
{
"status": "affected",
"version": "3.6_DP1"
},
{
"status": "affected",
"version": "3.5_DP4"
},
{
"status": "affected",
"version": "3.5_DP2"
},
{
"status": "affected",
"version": "3.4_DP10"
},
{
"status": "affected",
"version": "3.7_DP1"
},
{
"status": "affected",
"version": "3.5_DP3"
},
{
"status": "affected",
"version": "3.4_DP11"
},
{
"status": "affected",
"version": "3.5_DP1"
},
{
"status": "affected",
"version": "3.4_DP8"
},
{
"status": "affected",
"version": "3.4_DP1"
},
{
"status": "affected",
"version": "3.4_DP3"
},
{
"status": "affected",
"version": "3.4_DP5"
},
{
"status": "affected",
"version": "3.4_DP2"
},
{
"status": "affected",
"version": "3.4_DP7"
},
{
"status": "affected",
"version": "3.4_DP6"
},
{
"status": "affected",
"version": "3.3_DP4"
},
{
"status": "affected",
"version": "3.4_DP4"
},
{
"status": "affected",
"version": "3.4_DP9"
},
{
"status": "affected",
"version": "3.1_DP16"
},
{
"status": "affected",
"version": "3.3_DP2"
},
{
"status": "affected",
"version": "3.3_DP3"
},
{
"status": "affected",
"version": "3.1_DP15"
},
{
"status": "affected",
"version": "3.3_DP1"
},
{
"status": "affected",
"version": "3.1_DP13"
},
{
"status": "affected",
"version": "3.2_DP2"
},
{
"status": "affected",
"version": "3.2_DP1"
},
{
"status": "affected",
"version": "3.2_DP3"
},
{
"status": "affected",
"version": "3.1_DP14"
},
{
"status": "affected",
"version": "3.2_DP4"
},
{
"status": "affected",
"version": "3.1_DP7"
},
{
"status": "affected",
"version": "3.1_DP10"
},
{
"status": "affected",
"version": "3.1_DP11"
},
{
"status": "affected",
"version": "3.1_DP4"
},
{
"status": "affected",
"version": "3.1_DP6"
},
{
"status": "affected",
"version": "3.1_DP12"
},
{
"status": "affected",
"version": "3.1_DP5"
},
{
"status": "affected",
"version": "3.0.7"
},
{
"status": "affected",
"version": "3.1_DP9"
},
{
"status": "affected",
"version": "3.1_DP8"
},
{
"status": "affected",
"version": "3.10_DP1"
},
{
"status": "affected",
"version": "3.10.2"
},
{
"status": "affected",
"version": "3.10.3"
},
{
"status": "affected",
"version": "3.10"
},
{
"status": "affected",
"version": "3.10.1"
},
{
"status": "affected",
"version": "3.7.1 Update 03"
},
{
"status": "affected",
"version": "3.7.1 Update 04"
},
{
"status": "affected",
"version": "3.7.1 Update 06"
},
{
"status": "affected",
"version": "3.7.1 Update 07"
},
{
"status": "affected",
"version": "3.8.1 Update 01"
},
{
"status": "affected",
"version": "3.8.1 Update 02"
},
{
"status": "affected",
"version": "3.8.1 Update 03"
},
{
"status": "affected",
"version": "3.8.1 Update 04"
},
{
"status": "affected",
"version": "3.9.1 Update 01"
},
{
"status": "affected",
"version": "3.9.1 Update 02"
},
{
"status": "affected",
"version": "3.9.1 Update 03"
},
{
"status": "affected",
"version": "3.9.1 Update 04"
},
{
"status": "affected",
"version": "3.10 Update 01"
},
{
"status": "affected",
"version": "3.4.2 Update 01"
},
{
"status": "affected",
"version": "3.6.0 Update 04"
},
{
"status": "affected",
"version": "3.6.0 Update 02"
},
{
"status": "affected",
"version": "3.6.0 Update 03"
},
{
"status": "affected",
"version": "3.6.0 Update 01"
},
{
"status": "affected",
"version": "3.5.1 Update 03"
},
{
"status": "affected",
"version": "3.5.1 Update 01"
},
{
"status": "affected",
"version": "3.5.1 Update 02"
},
{
"status": "affected",
"version": "3.7.0 Update 03"
},
{
"status": "affected",
"version": "2.2.3 Update 05"
},
{
"status": "affected",
"version": "2.2.3 Update 04"
},
{
"status": "affected",
"version": "2.2.3 Update 06"
},
{
"status": "affected",
"version": "2.2.3 Update 03"
},
{
"status": "affected",
"version": "2.2.3 Update 02"
},
{
"status": "affected",
"version": "2.2.1 Update 01"
},
{
"status": "affected",
"version": "2.2.2 Update 03"
},
{
"status": "affected",
"version": "2.2.2 Update 04"
},
{
"status": "affected",
"version": "3.8.0 Update 01"
},
{
"status": "affected",
"version": "3.8.0 Update 02"
},
{
"status": "affected",
"version": "3.7.1 Update 01"
},
{
"status": "affected",
"version": "3.7.1 Update 02"
},
{
"status": "affected",
"version": "3.7.1 Update 05"
},
{
"status": "affected",
"version": "3.9.0 Update 01"
},
{
"status": "affected",
"version": "3.3.0 Update 01"
},
{
"status": "affected",
"version": "3.4.1 Update 02"
},
{
"status": "affected",
"version": "3.4.1 Update 01"
},
{
"status": "affected",
"version": "3.5.0 Update 03"
},
{
"status": "affected",
"version": "3.5.0 Update 01"
},
{
"status": "affected",
"version": "3.5.0 Update 02"
},
{
"status": "affected",
"version": "3.10.4"
},
{
"status": "affected",
"version": "3.10.4 Update 01"
},
{
"status": "affected",
"version": "3.10.4 Update 02"
},
{
"status": "affected",
"version": "3.10.4 Update 03"
},
{
"status": "affected",
"version": "3.10.5"
},
{
"status": "affected",
"version": "3.10.6"
},
{
"status": "affected",
"version": "3.10.6 Update 01"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in a subset of REST APIs of Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager (EPNM) could allow an authenticated, low-privileged, remote attacker to conduct a blind SQL injection attack.\r\n\r\nThis vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending a crafted request to an affected API. A successful exploit could allow the attacker to view data in some database tables on an affected device."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-89",
"description": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-16T16:16:28.878Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-piepnm-bsi-25JJqsbb",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-piepnm-bsi-25JJqsbb"
}
],
"source": {
"advisory": "cisco-sa-piepnm-bsi-25JJqsbb",
"defects": [
"CSCwo76427"
],
"discovery": "EXTERNAL"
},
"title": "Cisco Evolved Programmable Network Manager and Cisco Prime Infrastructure Blind SQL Injection Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2025-20272",
"datePublished": "2025-07-16T16:16:28.878Z",
"dateReserved": "2024-10-10T19:15:13.245Z",
"dateUpdated": "2025-07-18T14:30:51.552Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-20203 (GCVE-0-2025-20203)
Vulnerability from nvd – Published: 2025-04-02 16:17 – Updated: 2025-04-02 16:32
VLAI?
Summary
A vulnerability in the web-based management interface of Cisco Evolved Programmable Network Manager (EPNM) and Cisco Prime Infrastructure could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against users of the interface of an affected system.
The vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attacker could exploit this vulnerability by inserting malicious code into specific data fields in the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. To exploit this vulnerability, the attacker must have valid administrative credentials.
{{value}} ["%7b%7bvalue%7d%7d"])}]]
Severity ?
4.8 (Medium)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Cisco | Cisco Prime Infrastructure |
Affected:
2.0.0
Affected: 2.0.10 Affected: 2.0.39 Affected: 2.1.0 Affected: 2.1.1 Affected: 2.1.2 Affected: 2.1.56 Affected: 2.2.0 Affected: 2.2.1 Affected: 2.2.2 Affected: 2.2.3 Affected: 2.2.10 Affected: 2.2.8 Affected: 2.2.4 Affected: 2.2.7 Affected: 2.2.5 Affected: 2.2.9 Affected: 2.2.1 Update 01 Affected: 2.2.2 Update 03 Affected: 2.2.2 Update 04 Affected: 2.2.3 Update 02 Affected: 2.2.3 Update 03 Affected: 2.2.3 Update 04 Affected: 2.2.3 Update 05 Affected: 2.2.3 Update 06 Affected: 3.0.0 Affected: 3.0.1 Affected: 3.0.2 Affected: 3.0.3 Affected: 3.0.4 Affected: 3.0.6 Affected: 3.0.5 Affected: 3.0.7 Affected: 3.1.0 Affected: 3.1.1 Affected: 3.1.7 Affected: 3.1.5 Affected: 3.1.2 Affected: 3.1.3 Affected: 3.1.4 Affected: 3.1.6 Affected: 3.2.2 Affected: 3.2.0-FIPS Affected: 3.2.1 Affected: 3.3.0 Affected: 3.3.1 Affected: 3.3.0 Update 01 Affected: 3.4.0 Affected: 3.4.1 Affected: 3.4.2 Affected: 3.4.1 Update 01 Affected: 3.4.1 Update 02 Affected: 3.4.2 Update 01 Affected: 3.5.0 Affected: 3.5.1 Affected: 3.5.0 Update 01 Affected: 3.5.0 Update 02 Affected: 3.5.0 Update 03 Affected: 3.5.1 Update 01 Affected: 3.5.1 Update 02 Affected: 3.5.1 Update 03 Affected: 3.6.0 Affected: 3.6.0 Update 01 Affected: 3.6.0 Update 02 Affected: 3.6.0 Update 03 Affected: 3.6.0 Update 04 Affected: 2.1 Affected: 2.2 Affected: 3.2 Affected: 3.4_DP1 Affected: 3.4_DP3 Affected: 3.4_DP2 Affected: 3.5_DP1 Affected: 3.4_DP7 Affected: 3.4_DP10 Affected: 3.4_DP5 Affected: 3.1_DP15 Affected: 3.4_DP11 Affected: 3.4_DP8 Affected: 3.7_DP1 Affected: 3.3_DP4 Affected: 3.10_DP1 Affected: 3.8_DP1 Affected: 3.7_DP2 Affected: 3.6_DP1 Affected: 3.1_DP16 Affected: 3.5_DP4 Affected: 3.3_DP3 Affected: 3.2_DP2 Affected: 3.4_DP4 Affected: 3.1_DP14 Affected: 3.1_DP6 Affected: 3.1_DP9 Affected: 3.4_DP6 Affected: 3.2_DP3 Affected: 3.4_DP9 Affected: 3.3_DP2 Affected: 3.2_DP1 Affected: 3.1_DP10 Affected: 3.9_DP1 Affected: 3.3_DP1 Affected: 3.1_DP13 Affected: 3.5_DP2 Affected: 3.1_DP12 Affected: 3.1_DP4 Affected: 3.5_DP3 Affected: 3.1_DP8 Affected: 3.1_DP7 Affected: 3.2_DP4 Affected: 3.1_DP11 Affected: 3.1_DP5 Affected: 3.7.0 Affected: 3.7.1 Affected: 3.7.1 Update 04 Affected: 3.7.1 Update 06 Affected: 3.7.1 Update 07 Affected: 3.7.1 Update 03 Affected: 3.7.0 Update 03 Affected: 3.7.1 Update 01 Affected: 3.7.1 Update 02 Affected: 3.7.1 Update 05 Affected: 3.8.0 Affected: 3.8.1 Affected: 3.8.1 Update 02 Affected: 3.8.1 Update 04 Affected: 3.8.1 Update 01 Affected: 3.8.1 Update 03 Affected: 3.8.0 Update 01 Affected: 3.8.0 Update 02 Affected: 3.9.0 Affected: 3.9.1 Affected: 3.9.1 Update 02 Affected: 3.9.1 Update 03 Affected: 3.9.1 Update 01 Affected: 3.9.1 Update 04 Affected: 3.9.0 Update 01 Affected: 3.10.0 Affected: 3.10.3 Affected: 3.10.1 Affected: 3.10.2 Affected: 3.10 Update 01 Affected: 3.10.4 Affected: 3.10.4 Update 01 Affected: 3.10.4 Update 02 Affected: 3.10.4 Update 03 Affected: 3.10.5 Affected: 3.10.6 |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-20203",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-02T16:31:49.936743Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-02T16:32:01.718Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco Prime Infrastructure",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "2.0.0"
},
{
"status": "affected",
"version": "2.0.10"
},
{
"status": "affected",
"version": "2.0.39"
},
{
"status": "affected",
"version": "2.1.0"
},
{
"status": "affected",
"version": "2.1.1"
},
{
"status": "affected",
"version": "2.1.2"
},
{
"status": "affected",
"version": "2.1.56"
},
{
"status": "affected",
"version": "2.2.0"
},
{
"status": "affected",
"version": "2.2.1"
},
{
"status": "affected",
"version": "2.2.2"
},
{
"status": "affected",
"version": "2.2.3"
},
{
"status": "affected",
"version": "2.2.10"
},
{
"status": "affected",
"version": "2.2.8"
},
{
"status": "affected",
"version": "2.2.4"
},
{
"status": "affected",
"version": "2.2.7"
},
{
"status": "affected",
"version": "2.2.5"
},
{
"status": "affected",
"version": "2.2.9"
},
{
"status": "affected",
"version": "2.2.1 Update 01"
},
{
"status": "affected",
"version": "2.2.2 Update 03"
},
{
"status": "affected",
"version": "2.2.2 Update 04"
},
{
"status": "affected",
"version": "2.2.3 Update 02"
},
{
"status": "affected",
"version": "2.2.3 Update 03"
},
{
"status": "affected",
"version": "2.2.3 Update 04"
},
{
"status": "affected",
"version": "2.2.3 Update 05"
},
{
"status": "affected",
"version": "2.2.3 Update 06"
},
{
"status": "affected",
"version": "3.0.0"
},
{
"status": "affected",
"version": "3.0.1"
},
{
"status": "affected",
"version": "3.0.2"
},
{
"status": "affected",
"version": "3.0.3"
},
{
"status": "affected",
"version": "3.0.4"
},
{
"status": "affected",
"version": "3.0.6"
},
{
"status": "affected",
"version": "3.0.5"
},
{
"status": "affected",
"version": "3.0.7"
},
{
"status": "affected",
"version": "3.1.0"
},
{
"status": "affected",
"version": "3.1.1"
},
{
"status": "affected",
"version": "3.1.7"
},
{
"status": "affected",
"version": "3.1.5"
},
{
"status": "affected",
"version": "3.1.2"
},
{
"status": "affected",
"version": "3.1.3"
},
{
"status": "affected",
"version": "3.1.4"
},
{
"status": "affected",
"version": "3.1.6"
},
{
"status": "affected",
"version": "3.2.2"
},
{
"status": "affected",
"version": "3.2.0-FIPS"
},
{
"status": "affected",
"version": "3.2.1"
},
{
"status": "affected",
"version": "3.3.0"
},
{
"status": "affected",
"version": "3.3.1"
},
{
"status": "affected",
"version": "3.3.0 Update 01"
},
{
"status": "affected",
"version": "3.4.0"
},
{
"status": "affected",
"version": "3.4.1"
},
{
"status": "affected",
"version": "3.4.2"
},
{
"status": "affected",
"version": "3.4.1 Update 01"
},
{
"status": "affected",
"version": "3.4.1 Update 02"
},
{
"status": "affected",
"version": "3.4.2 Update 01"
},
{
"status": "affected",
"version": "3.5.0"
},
{
"status": "affected",
"version": "3.5.1"
},
{
"status": "affected",
"version": "3.5.0 Update 01"
},
{
"status": "affected",
"version": "3.5.0 Update 02"
},
{
"status": "affected",
"version": "3.5.0 Update 03"
},
{
"status": "affected",
"version": "3.5.1 Update 01"
},
{
"status": "affected",
"version": "3.5.1 Update 02"
},
{
"status": "affected",
"version": "3.5.1 Update 03"
},
{
"status": "affected",
"version": "3.6.0"
},
{
"status": "affected",
"version": "3.6.0 Update 01"
},
{
"status": "affected",
"version": "3.6.0 Update 02"
},
{
"status": "affected",
"version": "3.6.0 Update 03"
},
{
"status": "affected",
"version": "3.6.0 Update 04"
},
{
"status": "affected",
"version": "2.1"
},
{
"status": "affected",
"version": "2.2"
},
{
"status": "affected",
"version": "3.2"
},
{
"status": "affected",
"version": "3.4_DP1"
},
{
"status": "affected",
"version": "3.4_DP3"
},
{
"status": "affected",
"version": "3.4_DP2"
},
{
"status": "affected",
"version": "3.5_DP1"
},
{
"status": "affected",
"version": "3.4_DP7"
},
{
"status": "affected",
"version": "3.4_DP10"
},
{
"status": "affected",
"version": "3.4_DP5"
},
{
"status": "affected",
"version": "3.1_DP15"
},
{
"status": "affected",
"version": "3.4_DP11"
},
{
"status": "affected",
"version": "3.4_DP8"
},
{
"status": "affected",
"version": "3.7_DP1"
},
{
"status": "affected",
"version": "3.3_DP4"
},
{
"status": "affected",
"version": "3.10_DP1"
},
{
"status": "affected",
"version": "3.8_DP1"
},
{
"status": "affected",
"version": "3.7_DP2"
},
{
"status": "affected",
"version": "3.6_DP1"
},
{
"status": "affected",
"version": "3.1_DP16"
},
{
"status": "affected",
"version": "3.5_DP4"
},
{
"status": "affected",
"version": "3.3_DP3"
},
{
"status": "affected",
"version": "3.2_DP2"
},
{
"status": "affected",
"version": "3.4_DP4"
},
{
"status": "affected",
"version": "3.1_DP14"
},
{
"status": "affected",
"version": "3.1_DP6"
},
{
"status": "affected",
"version": "3.1_DP9"
},
{
"status": "affected",
"version": "3.4_DP6"
},
{
"status": "affected",
"version": "3.2_DP3"
},
{
"status": "affected",
"version": "3.4_DP9"
},
{
"status": "affected",
"version": "3.3_DP2"
},
{
"status": "affected",
"version": "3.2_DP1"
},
{
"status": "affected",
"version": "3.1_DP10"
},
{
"status": "affected",
"version": "3.9_DP1"
},
{
"status": "affected",
"version": "3.3_DP1"
},
{
"status": "affected",
"version": "3.1_DP13"
},
{
"status": "affected",
"version": "3.5_DP2"
},
{
"status": "affected",
"version": "3.1_DP12"
},
{
"status": "affected",
"version": "3.1_DP4"
},
{
"status": "affected",
"version": "3.5_DP3"
},
{
"status": "affected",
"version": "3.1_DP8"
},
{
"status": "affected",
"version": "3.1_DP7"
},
{
"status": "affected",
"version": "3.2_DP4"
},
{
"status": "affected",
"version": "3.1_DP11"
},
{
"status": "affected",
"version": "3.1_DP5"
},
{
"status": "affected",
"version": "3.7.0"
},
{
"status": "affected",
"version": "3.7.1"
},
{
"status": "affected",
"version": "3.7.1 Update 04"
},
{
"status": "affected",
"version": "3.7.1 Update 06"
},
{
"status": "affected",
"version": "3.7.1 Update 07"
},
{
"status": "affected",
"version": "3.7.1 Update 03"
},
{
"status": "affected",
"version": "3.7.0 Update 03"
},
{
"status": "affected",
"version": "3.7.1 Update 01"
},
{
"status": "affected",
"version": "3.7.1 Update 02"
},
{
"status": "affected",
"version": "3.7.1 Update 05"
},
{
"status": "affected",
"version": "3.8.0"
},
{
"status": "affected",
"version": "3.8.1"
},
{
"status": "affected",
"version": "3.8.1 Update 02"
},
{
"status": "affected",
"version": "3.8.1 Update 04"
},
{
"status": "affected",
"version": "3.8.1 Update 01"
},
{
"status": "affected",
"version": "3.8.1 Update 03"
},
{
"status": "affected",
"version": "3.8.0 Update 01"
},
{
"status": "affected",
"version": "3.8.0 Update 02"
},
{
"status": "affected",
"version": "3.9.0"
},
{
"status": "affected",
"version": "3.9.1"
},
{
"status": "affected",
"version": "3.9.1 Update 02"
},
{
"status": "affected",
"version": "3.9.1 Update 03"
},
{
"status": "affected",
"version": "3.9.1 Update 01"
},
{
"status": "affected",
"version": "3.9.1 Update 04"
},
{
"status": "affected",
"version": "3.9.0 Update 01"
},
{
"status": "affected",
"version": "3.10.0"
},
{
"status": "affected",
"version": "3.10.3"
},
{
"status": "affected",
"version": "3.10.1"
},
{
"status": "affected",
"version": "3.10.2"
},
{
"status": "affected",
"version": "3.10 Update 01"
},
{
"status": "affected",
"version": "3.10.4"
},
{
"status": "affected",
"version": "3.10.4 Update 01"
},
{
"status": "affected",
"version": "3.10.4 Update 02"
},
{
"status": "affected",
"version": "3.10.4 Update 03"
},
{
"status": "affected",
"version": "3.10.5"
},
{
"status": "affected",
"version": "3.10.6"
}
]
},
{
"product": "Cisco Evolved Programmable Network Manager (EPNM)",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "1.2.6"
},
{
"status": "affected",
"version": "1.2.2"
},
{
"status": "affected",
"version": "1.2.3"
},
{
"status": "affected",
"version": "1.2.5"
},
{
"status": "affected",
"version": "1.2.1.2"
},
{
"status": "affected",
"version": "1.2.4"
},
{
"status": "affected",
"version": "1.2.7"
},
{
"status": "affected",
"version": "1.2"
},
{
"status": "affected",
"version": "1.2.2.4"
},
{
"status": "affected",
"version": "1.2.4.2"
},
{
"status": "affected",
"version": "2.0.2"
},
{
"status": "affected",
"version": "2.0.4"
},
{
"status": "affected",
"version": "2.0.3"
},
{
"status": "affected",
"version": "2.0.1"
},
{
"status": "affected",
"version": "2.0"
},
{
"status": "affected",
"version": "2.0.1.1"
},
{
"status": "affected",
"version": "2.0.2.1"
},
{
"status": "affected",
"version": "2.0.4.1"
},
{
"status": "affected",
"version": "2.0.4.2"
},
{
"status": "affected",
"version": "2.1.2"
},
{
"status": "affected",
"version": "2.1.3"
},
{
"status": "affected",
"version": "2.1.1"
},
{
"status": "affected",
"version": "2.1"
},
{
"status": "affected",
"version": "2.1.1.1"
},
{
"status": "affected",
"version": "2.1.1.3"
},
{
"status": "affected",
"version": "2.1.1.4"
},
{
"status": "affected",
"version": "2.1.2.2"
},
{
"status": "affected",
"version": "2.1.2.3"
},
{
"status": "affected",
"version": "2.1.3.2"
},
{
"status": "affected",
"version": "2.1.3.3"
},
{
"status": "affected",
"version": "2.1.3.4"
},
{
"status": "affected",
"version": "2.1.3.5"
},
{
"status": "affected",
"version": "2.1.4"
},
{
"status": "affected",
"version": "2.2.1"
},
{
"status": "affected",
"version": "2.2"
},
{
"status": "affected",
"version": "2.2.1.1"
},
{
"status": "affected",
"version": "2.2.1.2"
},
{
"status": "affected",
"version": "2.2.1.3"
},
{
"status": "affected",
"version": "2.2.1.4"
},
{
"status": "affected",
"version": "2.2.3"
},
{
"status": "affected",
"version": "2.2.4"
},
{
"status": "affected",
"version": "2.2.5"
},
{
"status": "affected",
"version": "3.0.1"
},
{
"status": "affected",
"version": "3.0.2"
},
{
"status": "affected",
"version": "3.0.3"
},
{
"status": "affected",
"version": "3.0"
},
{
"status": "affected",
"version": "3.1.1"
},
{
"status": "affected",
"version": "3.1.2"
},
{
"status": "affected",
"version": "3.1.3"
},
{
"status": "affected",
"version": "3.1"
},
{
"status": "affected",
"version": "4.1.1"
},
{
"status": "affected",
"version": "4.1"
},
{
"status": "affected",
"version": "4.1.1.1"
},
{
"status": "affected",
"version": "4.1.1.2"
},
{
"status": "affected",
"version": "4.0.3"
},
{
"status": "affected",
"version": "4.0.1"
},
{
"status": "affected",
"version": "4.0.2"
},
{
"status": "affected",
"version": "4.0"
},
{
"status": "affected",
"version": "4.0.3.1"
},
{
"status": "affected",
"version": "5.0.1"
},
{
"status": "affected",
"version": "5.0.2"
},
{
"status": "affected",
"version": "5.0.2.5"
},
{
"status": "affected",
"version": "5.0.2.3"
},
{
"status": "affected",
"version": "5.0.2.4"
},
{
"status": "affected",
"version": "5.0.2.1"
},
{
"status": "affected",
"version": "5.0.2.2"
},
{
"status": "affected",
"version": "5.0"
},
{
"status": "affected",
"version": "5.0.2.6"
},
{
"status": "affected",
"version": "5.1.1"
},
{
"status": "affected",
"version": "5.1.2"
},
{
"status": "affected",
"version": "5.1.3"
},
{
"status": "affected",
"version": "5.1.4"
},
{
"status": "affected",
"version": "5.1.4.2"
},
{
"status": "affected",
"version": "5.1.4.1"
},
{
"status": "affected",
"version": "5.1.4.3"
},
{
"status": "affected",
"version": "5.1"
},
{
"status": "affected",
"version": "5.1.3.1"
},
{
"status": "affected",
"version": "5.1.3.2"
},
{
"status": "affected",
"version": "5.1.4.4"
},
{
"status": "affected",
"version": "7.0.0"
},
{
"status": "affected",
"version": "7.0.1.3"
},
{
"status": "affected",
"version": "7.0.1.1"
},
{
"status": "affected",
"version": "7.0.1.2"
},
{
"status": "affected",
"version": "7.0.1"
},
{
"status": "affected",
"version": "6.0.0"
},
{
"status": "affected",
"version": "6.0.2"
},
{
"status": "affected",
"version": "6.0.1"
},
{
"status": "affected",
"version": "6.0.2.1"
},
{
"status": "affected",
"version": "6.0.1.1"
},
{
"status": "affected",
"version": "6.0.3"
},
{
"status": "affected",
"version": "6.0.3.1"
},
{
"status": "affected",
"version": "6.1.1"
},
{
"status": "affected",
"version": "6.1.1.1"
},
{
"status": "affected",
"version": "6.1"
},
{
"status": "affected",
"version": "6.1.2"
},
{
"status": "affected",
"version": "6.1.1.2.2"
},
{
"status": "affected",
"version": "6.1.2.1"
},
{
"status": "affected",
"version": "6.1.2.2"
},
{
"status": "affected",
"version": "6.1.2.3"
},
{
"status": "affected",
"version": "7.1.0"
},
{
"status": "affected",
"version": "7.1.3"
},
{
"status": "affected",
"version": "7.1.2.1"
},
{
"status": "affected",
"version": "7.1.2"
},
{
"status": "affected",
"version": "7.1.1"
},
{
"status": "affected",
"version": "7.1.3.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco Evolved Programmable Network Manager (EPNM) and Cisco Prime Infrastructure could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against users of the interface of an affected system.\r\n\r The vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attacker could exploit this vulnerability by inserting malicious code into specific data fields in the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. To exploit this vulnerability, the attacker must have valid administrative credentials.\r\n\r \r\n\r {{value}} [\"%7b%7bvalue%7d%7d\"])}]]"
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-02T16:17:24.683Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-epnmpi-sxss-GSScPGY4",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-epnmpi-sxss-GSScPGY4"
}
],
"source": {
"advisory": "cisco-sa-epnmpi-sxss-GSScPGY4",
"defects": [
"CSCwi37231",
"CSCwi89344",
"CSCwi92642",
"CSCwi55038",
"CSCwi89264",
"CSCwi95616",
"CSCwm51867"
],
"discovery": "INTERNAL"
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2025-20203",
"datePublished": "2025-04-02T16:17:24.683Z",
"dateReserved": "2024-10-10T19:15:13.229Z",
"dateUpdated": "2025-04-02T16:32:01.718Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-20120 (GCVE-0-2025-20120)
Vulnerability from nvd – Published: 2025-04-02 16:16 – Updated: 2025-04-02 16:33
VLAI?
Summary
A vulnerability in the web-based management interface of Cisco Evolved Programmable Network Manager (EPNM) and Cisco Prime Infrastructure could allow an unauthenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface on an affected device.
This vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of an affected system. An attacker could exploit this vulnerability by injecting malicious code into specific pages of the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information.
Severity ?
6.1 (Medium)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Cisco | Cisco Prime Infrastructure |
Affected:
2.0.0
Affected: 2.0.10 Affected: 2.0.39 Affected: 2.1.0 Affected: 2.1.1 Affected: 2.1.2 Affected: 2.1.56 Affected: 2.2.0 Affected: 2.2.1 Affected: 2.2.2 Affected: 2.2.3 Affected: 2.2.10 Affected: 2.2.8 Affected: 2.2.4 Affected: 2.2.7 Affected: 2.2.5 Affected: 2.2.9 Affected: 2.2.1 Update 01 Affected: 2.2.2 Update 03 Affected: 2.2.2 Update 04 Affected: 2.2.3 Update 02 Affected: 2.2.3 Update 03 Affected: 2.2.3 Update 04 Affected: 2.2.3 Update 05 Affected: 2.2.3 Update 06 Affected: 3.0.0 Affected: 3.0.1 Affected: 3.0.2 Affected: 3.0.3 Affected: 3.0.4 Affected: 3.0.6 Affected: 3.0.5 Affected: 3.0.7 Affected: 3.1.0 Affected: 3.1.1 Affected: 3.1.7 Affected: 3.1.5 Affected: 3.1.2 Affected: 3.1.3 Affected: 3.1.4 Affected: 3.1.6 Affected: 3.2.2 Affected: 3.2.0-FIPS Affected: 3.2.1 Affected: 3.3.0 Affected: 3.3.1 Affected: 3.3.0 Update 01 Affected: 3.4.0 Affected: 3.4.1 Affected: 3.4.2 Affected: 3.4.1 Update 01 Affected: 3.4.1 Update 02 Affected: 3.4.2 Update 01 Affected: 3.5.0 Affected: 3.5.1 Affected: 3.5.0 Update 01 Affected: 3.5.0 Update 02 Affected: 3.5.0 Update 03 Affected: 3.5.1 Update 01 Affected: 3.5.1 Update 02 Affected: 3.5.1 Update 03 Affected: 3.6.0 Affected: 3.6.0 Update 01 Affected: 3.6.0 Update 02 Affected: 3.6.0 Update 03 Affected: 3.6.0 Update 04 Affected: 2.1 Affected: 2.2 Affected: 3.2 Affected: 3.4_DP1 Affected: 3.4_DP3 Affected: 3.4_DP2 Affected: 3.5_DP1 Affected: 3.4_DP7 Affected: 3.4_DP10 Affected: 3.4_DP5 Affected: 3.1_DP15 Affected: 3.4_DP11 Affected: 3.4_DP8 Affected: 3.7_DP1 Affected: 3.3_DP4 Affected: 3.10_DP1 Affected: 3.8_DP1 Affected: 3.7_DP2 Affected: 3.6_DP1 Affected: 3.1_DP16 Affected: 3.5_DP4 Affected: 3.3_DP3 Affected: 3.2_DP2 Affected: 3.4_DP4 Affected: 3.1_DP14 Affected: 3.1_DP6 Affected: 3.1_DP9 Affected: 3.4_DP6 Affected: 3.2_DP3 Affected: 3.4_DP9 Affected: 3.3_DP2 Affected: 3.2_DP1 Affected: 3.1_DP10 Affected: 3.9_DP1 Affected: 3.3_DP1 Affected: 3.1_DP13 Affected: 3.5_DP2 Affected: 3.1_DP12 Affected: 3.1_DP4 Affected: 3.5_DP3 Affected: 3.1_DP8 Affected: 3.1_DP7 Affected: 3.2_DP4 Affected: 3.1_DP11 Affected: 3.1_DP5 Affected: 3.7.0 Affected: 3.7.1 Affected: 3.7.1 Update 04 Affected: 3.7.1 Update 06 Affected: 3.7.1 Update 07 Affected: 3.7.1 Update 03 Affected: 3.7.0 Update 03 Affected: 3.7.1 Update 01 Affected: 3.7.1 Update 02 Affected: 3.7.1 Update 05 Affected: 3.8.0 Affected: 3.8.1 Affected: 3.8.1 Update 02 Affected: 3.8.1 Update 04 Affected: 3.8.1 Update 01 Affected: 3.8.1 Update 03 Affected: 3.8.0 Update 01 Affected: 3.8.0 Update 02 Affected: 3.9.0 Affected: 3.9.1 Affected: 3.9.1 Update 02 Affected: 3.9.1 Update 03 Affected: 3.9.1 Update 01 Affected: 3.9.1 Update 04 Affected: 3.9.0 Update 01 Affected: 3.10.0 Affected: 3.10.3 Affected: 3.10.1 Affected: 3.10.2 Affected: 3.10 Update 01 Affected: 3.10.4 Affected: 3.10.4 Update 01 Affected: 3.10.4 Update 02 Affected: 3.10.4 Update 03 Affected: 3.10.5 Affected: 3.10.6 |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-20120",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-02T16:32:20.496694Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-02T16:33:02.226Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco Prime Infrastructure",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "2.0.0"
},
{
"status": "affected",
"version": "2.0.10"
},
{
"status": "affected",
"version": "2.0.39"
},
{
"status": "affected",
"version": "2.1.0"
},
{
"status": "affected",
"version": "2.1.1"
},
{
"status": "affected",
"version": "2.1.2"
},
{
"status": "affected",
"version": "2.1.56"
},
{
"status": "affected",
"version": "2.2.0"
},
{
"status": "affected",
"version": "2.2.1"
},
{
"status": "affected",
"version": "2.2.2"
},
{
"status": "affected",
"version": "2.2.3"
},
{
"status": "affected",
"version": "2.2.10"
},
{
"status": "affected",
"version": "2.2.8"
},
{
"status": "affected",
"version": "2.2.4"
},
{
"status": "affected",
"version": "2.2.7"
},
{
"status": "affected",
"version": "2.2.5"
},
{
"status": "affected",
"version": "2.2.9"
},
{
"status": "affected",
"version": "2.2.1 Update 01"
},
{
"status": "affected",
"version": "2.2.2 Update 03"
},
{
"status": "affected",
"version": "2.2.2 Update 04"
},
{
"status": "affected",
"version": "2.2.3 Update 02"
},
{
"status": "affected",
"version": "2.2.3 Update 03"
},
{
"status": "affected",
"version": "2.2.3 Update 04"
},
{
"status": "affected",
"version": "2.2.3 Update 05"
},
{
"status": "affected",
"version": "2.2.3 Update 06"
},
{
"status": "affected",
"version": "3.0.0"
},
{
"status": "affected",
"version": "3.0.1"
},
{
"status": "affected",
"version": "3.0.2"
},
{
"status": "affected",
"version": "3.0.3"
},
{
"status": "affected",
"version": "3.0.4"
},
{
"status": "affected",
"version": "3.0.6"
},
{
"status": "affected",
"version": "3.0.5"
},
{
"status": "affected",
"version": "3.0.7"
},
{
"status": "affected",
"version": "3.1.0"
},
{
"status": "affected",
"version": "3.1.1"
},
{
"status": "affected",
"version": "3.1.7"
},
{
"status": "affected",
"version": "3.1.5"
},
{
"status": "affected",
"version": "3.1.2"
},
{
"status": "affected",
"version": "3.1.3"
},
{
"status": "affected",
"version": "3.1.4"
},
{
"status": "affected",
"version": "3.1.6"
},
{
"status": "affected",
"version": "3.2.2"
},
{
"status": "affected",
"version": "3.2.0-FIPS"
},
{
"status": "affected",
"version": "3.2.1"
},
{
"status": "affected",
"version": "3.3.0"
},
{
"status": "affected",
"version": "3.3.1"
},
{
"status": "affected",
"version": "3.3.0 Update 01"
},
{
"status": "affected",
"version": "3.4.0"
},
{
"status": "affected",
"version": "3.4.1"
},
{
"status": "affected",
"version": "3.4.2"
},
{
"status": "affected",
"version": "3.4.1 Update 01"
},
{
"status": "affected",
"version": "3.4.1 Update 02"
},
{
"status": "affected",
"version": "3.4.2 Update 01"
},
{
"status": "affected",
"version": "3.5.0"
},
{
"status": "affected",
"version": "3.5.1"
},
{
"status": "affected",
"version": "3.5.0 Update 01"
},
{
"status": "affected",
"version": "3.5.0 Update 02"
},
{
"status": "affected",
"version": "3.5.0 Update 03"
},
{
"status": "affected",
"version": "3.5.1 Update 01"
},
{
"status": "affected",
"version": "3.5.1 Update 02"
},
{
"status": "affected",
"version": "3.5.1 Update 03"
},
{
"status": "affected",
"version": "3.6.0"
},
{
"status": "affected",
"version": "3.6.0 Update 01"
},
{
"status": "affected",
"version": "3.6.0 Update 02"
},
{
"status": "affected",
"version": "3.6.0 Update 03"
},
{
"status": "affected",
"version": "3.6.0 Update 04"
},
{
"status": "affected",
"version": "2.1"
},
{
"status": "affected",
"version": "2.2"
},
{
"status": "affected",
"version": "3.2"
},
{
"status": "affected",
"version": "3.4_DP1"
},
{
"status": "affected",
"version": "3.4_DP3"
},
{
"status": "affected",
"version": "3.4_DP2"
},
{
"status": "affected",
"version": "3.5_DP1"
},
{
"status": "affected",
"version": "3.4_DP7"
},
{
"status": "affected",
"version": "3.4_DP10"
},
{
"status": "affected",
"version": "3.4_DP5"
},
{
"status": "affected",
"version": "3.1_DP15"
},
{
"status": "affected",
"version": "3.4_DP11"
},
{
"status": "affected",
"version": "3.4_DP8"
},
{
"status": "affected",
"version": "3.7_DP1"
},
{
"status": "affected",
"version": "3.3_DP4"
},
{
"status": "affected",
"version": "3.10_DP1"
},
{
"status": "affected",
"version": "3.8_DP1"
},
{
"status": "affected",
"version": "3.7_DP2"
},
{
"status": "affected",
"version": "3.6_DP1"
},
{
"status": "affected",
"version": "3.1_DP16"
},
{
"status": "affected",
"version": "3.5_DP4"
},
{
"status": "affected",
"version": "3.3_DP3"
},
{
"status": "affected",
"version": "3.2_DP2"
},
{
"status": "affected",
"version": "3.4_DP4"
},
{
"status": "affected",
"version": "3.1_DP14"
},
{
"status": "affected",
"version": "3.1_DP6"
},
{
"status": "affected",
"version": "3.1_DP9"
},
{
"status": "affected",
"version": "3.4_DP6"
},
{
"status": "affected",
"version": "3.2_DP3"
},
{
"status": "affected",
"version": "3.4_DP9"
},
{
"status": "affected",
"version": "3.3_DP2"
},
{
"status": "affected",
"version": "3.2_DP1"
},
{
"status": "affected",
"version": "3.1_DP10"
},
{
"status": "affected",
"version": "3.9_DP1"
},
{
"status": "affected",
"version": "3.3_DP1"
},
{
"status": "affected",
"version": "3.1_DP13"
},
{
"status": "affected",
"version": "3.5_DP2"
},
{
"status": "affected",
"version": "3.1_DP12"
},
{
"status": "affected",
"version": "3.1_DP4"
},
{
"status": "affected",
"version": "3.5_DP3"
},
{
"status": "affected",
"version": "3.1_DP8"
},
{
"status": "affected",
"version": "3.1_DP7"
},
{
"status": "affected",
"version": "3.2_DP4"
},
{
"status": "affected",
"version": "3.1_DP11"
},
{
"status": "affected",
"version": "3.1_DP5"
},
{
"status": "affected",
"version": "3.7.0"
},
{
"status": "affected",
"version": "3.7.1"
},
{
"status": "affected",
"version": "3.7.1 Update 04"
},
{
"status": "affected",
"version": "3.7.1 Update 06"
},
{
"status": "affected",
"version": "3.7.1 Update 07"
},
{
"status": "affected",
"version": "3.7.1 Update 03"
},
{
"status": "affected",
"version": "3.7.0 Update 03"
},
{
"status": "affected",
"version": "3.7.1 Update 01"
},
{
"status": "affected",
"version": "3.7.1 Update 02"
},
{
"status": "affected",
"version": "3.7.1 Update 05"
},
{
"status": "affected",
"version": "3.8.0"
},
{
"status": "affected",
"version": "3.8.1"
},
{
"status": "affected",
"version": "3.8.1 Update 02"
},
{
"status": "affected",
"version": "3.8.1 Update 04"
},
{
"status": "affected",
"version": "3.8.1 Update 01"
},
{
"status": "affected",
"version": "3.8.1 Update 03"
},
{
"status": "affected",
"version": "3.8.0 Update 01"
},
{
"status": "affected",
"version": "3.8.0 Update 02"
},
{
"status": "affected",
"version": "3.9.0"
},
{
"status": "affected",
"version": "3.9.1"
},
{
"status": "affected",
"version": "3.9.1 Update 02"
},
{
"status": "affected",
"version": "3.9.1 Update 03"
},
{
"status": "affected",
"version": "3.9.1 Update 01"
},
{
"status": "affected",
"version": "3.9.1 Update 04"
},
{
"status": "affected",
"version": "3.9.0 Update 01"
},
{
"status": "affected",
"version": "3.10.0"
},
{
"status": "affected",
"version": "3.10.3"
},
{
"status": "affected",
"version": "3.10.1"
},
{
"status": "affected",
"version": "3.10.2"
},
{
"status": "affected",
"version": "3.10 Update 01"
},
{
"status": "affected",
"version": "3.10.4"
},
{
"status": "affected",
"version": "3.10.4 Update 01"
},
{
"status": "affected",
"version": "3.10.4 Update 02"
},
{
"status": "affected",
"version": "3.10.4 Update 03"
},
{
"status": "affected",
"version": "3.10.5"
},
{
"status": "affected",
"version": "3.10.6"
}
]
},
{
"product": "Cisco Evolved Programmable Network Manager (EPNM)",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "1.2.6"
},
{
"status": "affected",
"version": "1.2.2"
},
{
"status": "affected",
"version": "1.2.3"
},
{
"status": "affected",
"version": "1.2.5"
},
{
"status": "affected",
"version": "1.2.1.2"
},
{
"status": "affected",
"version": "1.2.4"
},
{
"status": "affected",
"version": "1.2.7"
},
{
"status": "affected",
"version": "1.2"
},
{
"status": "affected",
"version": "1.2.2.4"
},
{
"status": "affected",
"version": "1.2.4.2"
},
{
"status": "affected",
"version": "2.0.2"
},
{
"status": "affected",
"version": "2.0.4"
},
{
"status": "affected",
"version": "2.0.3"
},
{
"status": "affected",
"version": "2.0.1"
},
{
"status": "affected",
"version": "2.0"
},
{
"status": "affected",
"version": "2.0.1.1"
},
{
"status": "affected",
"version": "2.0.2.1"
},
{
"status": "affected",
"version": "2.0.4.1"
},
{
"status": "affected",
"version": "2.0.4.2"
},
{
"status": "affected",
"version": "2.1.2"
},
{
"status": "affected",
"version": "2.1.3"
},
{
"status": "affected",
"version": "2.1.1"
},
{
"status": "affected",
"version": "2.1"
},
{
"status": "affected",
"version": "2.1.1.1"
},
{
"status": "affected",
"version": "2.1.1.3"
},
{
"status": "affected",
"version": "2.1.1.4"
},
{
"status": "affected",
"version": "2.1.2.2"
},
{
"status": "affected",
"version": "2.1.2.3"
},
{
"status": "affected",
"version": "2.1.3.2"
},
{
"status": "affected",
"version": "2.1.3.3"
},
{
"status": "affected",
"version": "2.1.3.4"
},
{
"status": "affected",
"version": "2.1.3.5"
},
{
"status": "affected",
"version": "2.1.4"
},
{
"status": "affected",
"version": "2.2.1"
},
{
"status": "affected",
"version": "2.2"
},
{
"status": "affected",
"version": "2.2.1.1"
},
{
"status": "affected",
"version": "2.2.1.2"
},
{
"status": "affected",
"version": "2.2.1.3"
},
{
"status": "affected",
"version": "2.2.1.4"
},
{
"status": "affected",
"version": "2.2.3"
},
{
"status": "affected",
"version": "2.2.4"
},
{
"status": "affected",
"version": "2.2.5"
},
{
"status": "affected",
"version": "3.0.1"
},
{
"status": "affected",
"version": "3.0.2"
},
{
"status": "affected",
"version": "3.0.3"
},
{
"status": "affected",
"version": "3.0"
},
{
"status": "affected",
"version": "3.1.1"
},
{
"status": "affected",
"version": "3.1.2"
},
{
"status": "affected",
"version": "3.1.3"
},
{
"status": "affected",
"version": "3.1"
},
{
"status": "affected",
"version": "4.1.1"
},
{
"status": "affected",
"version": "4.1"
},
{
"status": "affected",
"version": "4.1.1.1"
},
{
"status": "affected",
"version": "4.1.1.2"
},
{
"status": "affected",
"version": "4.0.3"
},
{
"status": "affected",
"version": "4.0.1"
},
{
"status": "affected",
"version": "4.0.2"
},
{
"status": "affected",
"version": "4.0"
},
{
"status": "affected",
"version": "4.0.3.1"
},
{
"status": "affected",
"version": "5.0.1"
},
{
"status": "affected",
"version": "5.0.2"
},
{
"status": "affected",
"version": "5.0.2.5"
},
{
"status": "affected",
"version": "5.0.2.3"
},
{
"status": "affected",
"version": "5.0.2.4"
},
{
"status": "affected",
"version": "5.0.2.1"
},
{
"status": "affected",
"version": "5.0.2.2"
},
{
"status": "affected",
"version": "5.0"
},
{
"status": "affected",
"version": "5.0.2.6"
},
{
"status": "affected",
"version": "5.1.1"
},
{
"status": "affected",
"version": "5.1.2"
},
{
"status": "affected",
"version": "5.1.3"
},
{
"status": "affected",
"version": "5.1.4"
},
{
"status": "affected",
"version": "5.1.4.2"
},
{
"status": "affected",
"version": "5.1.4.1"
},
{
"status": "affected",
"version": "5.1.4.3"
},
{
"status": "affected",
"version": "5.1"
},
{
"status": "affected",
"version": "5.1.3.1"
},
{
"status": "affected",
"version": "5.1.3.2"
},
{
"status": "affected",
"version": "5.1.4.4"
},
{
"status": "affected",
"version": "7.0.0"
},
{
"status": "affected",
"version": "7.0.1.3"
},
{
"status": "affected",
"version": "7.0.1.1"
},
{
"status": "affected",
"version": "7.0.1.2"
},
{
"status": "affected",
"version": "7.0.1"
},
{
"status": "affected",
"version": "6.0.0"
},
{
"status": "affected",
"version": "6.0.2"
},
{
"status": "affected",
"version": "6.0.1"
},
{
"status": "affected",
"version": "6.0.2.1"
},
{
"status": "affected",
"version": "6.0.1.1"
},
{
"status": "affected",
"version": "6.0.3"
},
{
"status": "affected",
"version": "6.0.3.1"
},
{
"status": "affected",
"version": "6.1.1"
},
{
"status": "affected",
"version": "6.1.1.1"
},
{
"status": "affected",
"version": "6.1"
},
{
"status": "affected",
"version": "6.1.2"
},
{
"status": "affected",
"version": "6.1.1.2.2"
},
{
"status": "affected",
"version": "6.1.2.1"
},
{
"status": "affected",
"version": "6.1.2.2"
},
{
"status": "affected",
"version": "7.1.0"
},
{
"status": "affected",
"version": "7.1.3"
},
{
"status": "affected",
"version": "7.1.2.1"
},
{
"status": "affected",
"version": "7.1.2"
},
{
"status": "affected",
"version": "7.1.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco Evolved Programmable Network Manager (EPNM) and Cisco Prime Infrastructure could allow an unauthenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface on an affected device.\r\n\r This vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of an affected system. An attacker could exploit this vulnerability by injecting malicious code into specific pages of the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-02T16:16:54.694Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-epnmpi-sxss-GSScPGY4",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-epnmpi-sxss-GSScPGY4"
}
],
"source": {
"advisory": "cisco-sa-epnmpi-sxss-GSScPGY4",
"defects": [
"CSCwm66634",
"CSCwm66949"
],
"discovery": "EXTERNAL"
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2025-20120",
"datePublished": "2025-04-02T16:16:54.694Z",
"dateReserved": "2024-10-10T19:15:13.211Z",
"dateUpdated": "2025-04-02T16:33:02.226Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-20657 (GCVE-0-2022-20657)
Vulnerability from nvd – Published: 2024-11-15 15:39 – Updated: 2024-11-15 16:18
VLAI?
Summary
A vulnerability in the web-based management interface of Cisco PI and Cisco EPNM could allow an unauthenticated, remote attacker to conduct an XSS attack against a user of the interface of an affected device.
This vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attacker could exploit this vulnerability by persuading a user of an affected interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information.Cisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities.
Severity ?
6.1 (Medium)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Cisco | Cisco Evolved Programmable Network Manager (EPNM) |
Affected:
3.0.1
Affected: 3.1.2 Affected: 1.2 Affected: 3.1.1 Affected: 3.1.3 Affected: 3.1 Affected: 3.0.3 Affected: 3.0.2 Affected: 3.0 Affected: 2.2 Affected: 1.1 Affected: 2.1 Affected: 2.0 Affected: 4.1 Affected: 4.1.1 Affected: 4.0.3 Affected: 4.0.1 Affected: 4.0.2 Affected: 4.0 Affected: 5.0 Affected: 5.0.1 Affected: 5.1.1 Affected: 5.1 Affected: 5.0.2 Affected: 5.1.2 |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-20657",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-15T16:15:51.507495Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-15T16:18:19.097Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco Evolved Programmable Network Manager (EPNM)",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "3.0.1"
},
{
"status": "affected",
"version": "3.1.2"
},
{
"status": "affected",
"version": "1.2"
},
{
"status": "affected",
"version": "3.1.1"
},
{
"status": "affected",
"version": "3.1.3"
},
{
"status": "affected",
"version": "3.1"
},
{
"status": "affected",
"version": "3.0.3"
},
{
"status": "affected",
"version": "3.0.2"
},
{
"status": "affected",
"version": "3.0"
},
{
"status": "affected",
"version": "2.2"
},
{
"status": "affected",
"version": "1.1"
},
{
"status": "affected",
"version": "2.1"
},
{
"status": "affected",
"version": "2.0"
},
{
"status": "affected",
"version": "4.1"
},
{
"status": "affected",
"version": "4.1.1"
},
{
"status": "affected",
"version": "4.0.3"
},
{
"status": "affected",
"version": "4.0.1"
},
{
"status": "affected",
"version": "4.0.2"
},
{
"status": "affected",
"version": "4.0"
},
{
"status": "affected",
"version": "5.0"
},
{
"status": "affected",
"version": "5.0.1"
},
{
"status": "affected",
"version": "5.1.1"
},
{
"status": "affected",
"version": "5.1"
},
{
"status": "affected",
"version": "5.0.2"
},
{
"status": "affected",
"version": "5.1.2"
}
]
},
{
"defaultStatus": "unknown",
"product": "Cisco Prime Infrastructure",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "3.0.0"
},
{
"status": "affected",
"version": "3.1.0"
},
{
"status": "affected",
"version": "3.1.5"
},
{
"status": "affected",
"version": "2.1"
},
{
"status": "affected",
"version": "2.0.0"
},
{
"status": "affected",
"version": "3.6.0"
},
{
"status": "affected",
"version": "3.7.0"
},
{
"status": "affected",
"version": "3.4.0"
},
{
"status": "affected",
"version": "3.3.0"
},
{
"status": "affected",
"version": "3.2"
},
{
"status": "affected",
"version": "3.5.0"
},
{
"status": "affected",
"version": "3.2.0-FIPS"
},
{
"status": "affected",
"version": "2.2"
},
{
"status": "affected",
"version": "3.8.0-FED"
},
{
"status": "affected",
"version": "3.9.0"
},
{
"status": "affected",
"version": "3.8.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco\u0026nbsp;PI and Cisco\u0026nbsp;EPNM could allow an unauthenticated, remote attacker to conduct an XSS attack against a user of the interface of an affected device.\r\nThis vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attacker could exploit this vulnerability by persuading a user of an affected interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information.Cisco\u0026nbsp;has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is aware that proof-of-concept exploit code is available for the vulnerabilities described in this advisory.\r\n\r\nThe Cisco PSIRT is not aware of any malicious use of the vulnerabilities that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-15T15:39:33.492Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-pi-epnm-path-trav-zws324yn",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-pi-epnm-path-trav-zws324yn"
}
],
"source": {
"advisory": "cisco-sa-pi-epnm-path-trav-zws324yn",
"defects": [
"CSCvz43419"
],
"discovery": "EXTERNAL"
},
"title": "Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager Cross-Site Scripting Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2022-20657",
"datePublished": "2024-11-15T15:39:33.492Z",
"dateReserved": "2021-11-02T13:28:29.040Z",
"dateUpdated": "2024-11-15T16:18:19.097Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-20656 (GCVE-0-2022-20656)
Vulnerability from nvd – Published: 2024-11-15 15:36 – Updated: 2024-11-15 16:22
VLAI?
Summary
A vulnerability in the web-based management interface of Cisco PI and Cisco EPNM could allow an authenticated, remote attacker to conduct a path traversal attack on an affected device. To exploit this vulnerability, the attacker must have valid credentials on the system.
This vulnerability is due to insufficient input validation of the HTTPS URL by the web-based management interface. An attacker could exploit this vulnerability by sending a crafted request that contains directory traversal character sequences to an affected device. A successful exploit could allow the attacker to write arbitrary files to the host system.
Cisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities.
Severity ?
6.5 (Medium)
CWE
- CWE-24 - Path Traversal: '../filedir'
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Cisco | Cisco Evolved Programmable Network Manager (EPNM) |
Affected:
3.0.1
Affected: 3.1.2 Affected: 1.2 Affected: 3.1.1 Affected: 3.1.3 Affected: 3.1 Affected: 3.0.3 Affected: 3.0.2 Affected: 3.0 Affected: 2.2 Affected: 1.1 Affected: 2.1 Affected: 2.0 Affected: 4.1 Affected: 4.1.1 Affected: 4.0.3 Affected: 4.0.1 Affected: 4.0.2 Affected: 4.0 Affected: 5.0 Affected: 5.0.1 Affected: 5.1.1 Affected: 5.1 Affected: 5.0.2 Affected: 5.1.2 |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-20656",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-15T16:22:22.303656Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-15T16:22:46.877Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco Evolved Programmable Network Manager (EPNM)",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "3.0.1"
},
{
"status": "affected",
"version": "3.1.2"
},
{
"status": "affected",
"version": "1.2"
},
{
"status": "affected",
"version": "3.1.1"
},
{
"status": "affected",
"version": "3.1.3"
},
{
"status": "affected",
"version": "3.1"
},
{
"status": "affected",
"version": "3.0.3"
},
{
"status": "affected",
"version": "3.0.2"
},
{
"status": "affected",
"version": "3.0"
},
{
"status": "affected",
"version": "2.2"
},
{
"status": "affected",
"version": "1.1"
},
{
"status": "affected",
"version": "2.1"
},
{
"status": "affected",
"version": "2.0"
},
{
"status": "affected",
"version": "4.1"
},
{
"status": "affected",
"version": "4.1.1"
},
{
"status": "affected",
"version": "4.0.3"
},
{
"status": "affected",
"version": "4.0.1"
},
{
"status": "affected",
"version": "4.0.2"
},
{
"status": "affected",
"version": "4.0"
},
{
"status": "affected",
"version": "5.0"
},
{
"status": "affected",
"version": "5.0.1"
},
{
"status": "affected",
"version": "5.1.1"
},
{
"status": "affected",
"version": "5.1"
},
{
"status": "affected",
"version": "5.0.2"
},
{
"status": "affected",
"version": "5.1.2"
}
]
},
{
"defaultStatus": "unknown",
"product": "Cisco Prime Infrastructure",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "3.0.0"
},
{
"status": "affected",
"version": "3.1.0"
},
{
"status": "affected",
"version": "3.1.5"
},
{
"status": "affected",
"version": "2.1"
},
{
"status": "affected",
"version": "2.0.0"
},
{
"status": "affected",
"version": "3.6.0"
},
{
"status": "affected",
"version": "3.7.0"
},
{
"status": "affected",
"version": "3.4.0"
},
{
"status": "affected",
"version": "3.3.0"
},
{
"status": "affected",
"version": "3.2"
},
{
"status": "affected",
"version": "3.5.0"
},
{
"status": "affected",
"version": "3.2.0-FIPS"
},
{
"status": "affected",
"version": "2.2"
},
{
"status": "affected",
"version": "3.8.0-FED"
},
{
"status": "affected",
"version": "3.9.0"
},
{
"status": "affected",
"version": "3.8.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco\u0026nbsp;PI and Cisco\u0026nbsp;EPNM could allow an authenticated, remote attacker to conduct a path traversal attack on an affected device. To exploit this vulnerability, the attacker must have valid credentials on the system.\r\n\r\nThis vulnerability is due to insufficient input validation of the HTTPS URL by the web-based management interface. An attacker could exploit this vulnerability by sending a crafted request that contains directory traversal character sequences to an affected device. A successful exploit could allow the attacker to write arbitrary files to the host system.\r\nCisco\u0026nbsp;has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco\u00a0PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-24",
"description": "Path Traversal: \u0027../filedir\u0027",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-15T15:36:09.274Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-pi-epnm-path-trav-zws324yn",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-pi-epnm-path-trav-zws324yn"
},
{
"name": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sna-xss-NXOxDhRQ\u003c/a\u003e\u003c/p\u003e\u003cp\u003e\u003cstrong\u003eAttention\u003c/strong\u003e: Simplifying the Cisco\u0026nbsp;portfolio includes the renaming of security products under one brand: Cisco\u0026nbsp;Secure. For more information, see \u003ca href=\"https://www.cisco.com/c/en/us/products/security/secure-names.html\"\u003eMeet Cisco\u0026nbsp;Secure",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sna-xss-NXOxDhRQ"
}
],
"source": {
"advisory": "cisco-sa-pi-epnm-path-trav-zws324yn",
"defects": [
"CSCvz43433"
],
"discovery": "EXTERNAL"
},
"title": "Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager Path Traversal Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2022-20656",
"datePublished": "2024-11-15T15:36:09.274Z",
"dateReserved": "2021-11-02T13:28:29.040Z",
"dateUpdated": "2024-11-15T16:22:46.877Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-20514 (GCVE-0-2024-20514)
Vulnerability from nvd – Published: 2024-11-06 16:30 – Updated: 2024-11-06 17:04
VLAI?
Summary
A vulnerability in the web-based management interface of Cisco Evolved Programmable Network Manager (EPNM) and Cisco Prime Infrastructure could allow an authenticated, low-privileged, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface.
This vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attacker could exploit this vulnerability by injecting malicious code into a specific page of the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive browser-based information. To exploit this vulnerability, the attacker must have at least a low-privileged account on an affected device.
Severity ?
5.4 (Medium)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Cisco | Cisco Evolved Programmable Network Manager (EPNM) |
Affected:
3.0.1
Affected: 3.1.2 Affected: 1.2 Affected: 3.1.1 Affected: 3.1.3 Affected: 3.1 Affected: 3.0.3 Affected: 3.0.2 Affected: 3.0 Affected: 2.2 Affected: 1.1 Affected: 2.1 Affected: 2.0 Affected: 4.1 Affected: 4.1.1 Affected: 4.0.3 Affected: 4.0.1 Affected: 4.0.2 Affected: 4.0 Affected: 5.0 Affected: 5.0.1 Affected: 5.1.1 Affected: 5.1 Affected: 5.0.2 Affected: 5.1.2 Affected: 5.1.3 Affected: 5.1.4 Affected: 6.1.1 Affected: 6.1 Affected: 6.0.0 Affected: 6.0.1 Affected: 6.0.2 Affected: 7.0.0 Affected: 1.2.5 Affected: 1.2.6 Affected: 2.0.1 Affected: 1.2.2 Affected: 1.2.3 Affected: 1.2.4 Affected: 1.2.7 Affected: 1.2.1.2 Affected: 2.2.1 Affected: 2.1.3 Affected: 2.0.2 Affected: 2.0.3 Affected: 2.1.2 Affected: 2.0.4 Affected: 2.1.1 Affected: 5.0.2.5 Affected: 5.1.4.3 Affected: 6.0.2.1 Affected: 6.1.1.1 Affected: 5.0.2.1 Affected: 5.0.2.2 Affected: 5.0.2.3 Affected: 5.0.2.4 Affected: 5.1.4.1 Affected: 5.1.4.2 Affected: 2.1.4 Affected: 2.2.4 Affected: 2.2.3 Affected: 2.2.5 Affected: 5.1.3.2 Affected: 5.1.3.1 Affected: 6.0.1.1 Affected: 4.1.1.2 Affected: 4.1.1.1 Affected: 4.0.3.1 Affected: 2.0.1.1 Affected: 2.1.1.3 Affected: 2.1.1.1 Affected: 2.1.1.4 Affected: 2.0.4.2 Affected: 2.0.4.1 Affected: 2.1.2.2 Affected: 2.1.2.3 Affected: 2.0.2.1 Affected: 2.1.3.4 Affected: 2.1.3.3 Affected: 2.1.3.2 Affected: 2.1.3.5 Affected: 2.2.1.2 Affected: 2.2.1.1 Affected: 2.2.1.4 Affected: 2.2.1.3 Affected: 1.2.4.2 Affected: 1.2.2.4 Affected: 6.0.3 Affected: 5.1.4.4 Affected: 5.0.2.6 Affected: 6.0.3.1 Affected: 6.1.2 Affected: 6.1.1.2.2 Affected: 6.1.2.1 Affected: 6.1.2.2 Affected: 7.1.1 Affected: 7.1.2.1 Affected: 7.0.1.3 Affected: 7.1.3 Affected: 7.1.2 Affected: 7.0.1.2 Affected: 7.0.1.1 Affected: 7.0.1 Affected: 7.1.0 |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-20514",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-06T17:04:18.651564Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-06T17:04:27.239Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco Evolved Programmable Network Manager (EPNM)",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "3.0.1"
},
{
"status": "affected",
"version": "3.1.2"
},
{
"status": "affected",
"version": "1.2"
},
{
"status": "affected",
"version": "3.1.1"
},
{
"status": "affected",
"version": "3.1.3"
},
{
"status": "affected",
"version": "3.1"
},
{
"status": "affected",
"version": "3.0.3"
},
{
"status": "affected",
"version": "3.0.2"
},
{
"status": "affected",
"version": "3.0"
},
{
"status": "affected",
"version": "2.2"
},
{
"status": "affected",
"version": "1.1"
},
{
"status": "affected",
"version": "2.1"
},
{
"status": "affected",
"version": "2.0"
},
{
"status": "affected",
"version": "4.1"
},
{
"status": "affected",
"version": "4.1.1"
},
{
"status": "affected",
"version": "4.0.3"
},
{
"status": "affected",
"version": "4.0.1"
},
{
"status": "affected",
"version": "4.0.2"
},
{
"status": "affected",
"version": "4.0"
},
{
"status": "affected",
"version": "5.0"
},
{
"status": "affected",
"version": "5.0.1"
},
{
"status": "affected",
"version": "5.1.1"
},
{
"status": "affected",
"version": "5.1"
},
{
"status": "affected",
"version": "5.0.2"
},
{
"status": "affected",
"version": "5.1.2"
},
{
"status": "affected",
"version": "5.1.3"
},
{
"status": "affected",
"version": "5.1.4"
},
{
"status": "affected",
"version": "6.1.1"
},
{
"status": "affected",
"version": "6.1"
},
{
"status": "affected",
"version": "6.0.0"
},
{
"status": "affected",
"version": "6.0.1"
},
{
"status": "affected",
"version": "6.0.2"
},
{
"status": "affected",
"version": "7.0.0"
},
{
"status": "affected",
"version": "1.2.5"
},
{
"status": "affected",
"version": "1.2.6"
},
{
"status": "affected",
"version": "2.0.1"
},
{
"status": "affected",
"version": "1.2.2"
},
{
"status": "affected",
"version": "1.2.3"
},
{
"status": "affected",
"version": "1.2.4"
},
{
"status": "affected",
"version": "1.2.7"
},
{
"status": "affected",
"version": "1.2.1.2"
},
{
"status": "affected",
"version": "2.2.1"
},
{
"status": "affected",
"version": "2.1.3"
},
{
"status": "affected",
"version": "2.0.2"
},
{
"status": "affected",
"version": "2.0.3"
},
{
"status": "affected",
"version": "2.1.2"
},
{
"status": "affected",
"version": "2.0.4"
},
{
"status": "affected",
"version": "2.1.1"
},
{
"status": "affected",
"version": "5.0.2.5"
},
{
"status": "affected",
"version": "5.1.4.3"
},
{
"status": "affected",
"version": "6.0.2.1"
},
{
"status": "affected",
"version": "6.1.1.1"
},
{
"status": "affected",
"version": "5.0.2.1"
},
{
"status": "affected",
"version": "5.0.2.2"
},
{
"status": "affected",
"version": "5.0.2.3"
},
{
"status": "affected",
"version": "5.0.2.4"
},
{
"status": "affected",
"version": "5.1.4.1"
},
{
"status": "affected",
"version": "5.1.4.2"
},
{
"status": "affected",
"version": "2.1.4"
},
{
"status": "affected",
"version": "2.2.4"
},
{
"status": "affected",
"version": "2.2.3"
},
{
"status": "affected",
"version": "2.2.5"
},
{
"status": "affected",
"version": "5.1.3.2"
},
{
"status": "affected",
"version": "5.1.3.1"
},
{
"status": "affected",
"version": "6.0.1.1"
},
{
"status": "affected",
"version": "4.1.1.2"
},
{
"status": "affected",
"version": "4.1.1.1"
},
{
"status": "affected",
"version": "4.0.3.1"
},
{
"status": "affected",
"version": "2.0.1.1"
},
{
"status": "affected",
"version": "2.1.1.3"
},
{
"status": "affected",
"version": "2.1.1.1"
},
{
"status": "affected",
"version": "2.1.1.4"
},
{
"status": "affected",
"version": "2.0.4.2"
},
{
"status": "affected",
"version": "2.0.4.1"
},
{
"status": "affected",
"version": "2.1.2.2"
},
{
"status": "affected",
"version": "2.1.2.3"
},
{
"status": "affected",
"version": "2.0.2.1"
},
{
"status": "affected",
"version": "2.1.3.4"
},
{
"status": "affected",
"version": "2.1.3.3"
},
{
"status": "affected",
"version": "2.1.3.2"
},
{
"status": "affected",
"version": "2.1.3.5"
},
{
"status": "affected",
"version": "2.2.1.2"
},
{
"status": "affected",
"version": "2.2.1.1"
},
{
"status": "affected",
"version": "2.2.1.4"
},
{
"status": "affected",
"version": "2.2.1.3"
},
{
"status": "affected",
"version": "1.2.4.2"
},
{
"status": "affected",
"version": "1.2.2.4"
},
{
"status": "affected",
"version": "6.0.3"
},
{
"status": "affected",
"version": "5.1.4.4"
},
{
"status": "affected",
"version": "5.0.2.6"
},
{
"status": "affected",
"version": "6.0.3.1"
},
{
"status": "affected",
"version": "6.1.2"
},
{
"status": "affected",
"version": "6.1.1.2.2"
},
{
"status": "affected",
"version": "6.1.2.1"
},
{
"status": "affected",
"version": "6.1.2.2"
},
{
"status": "affected",
"version": "7.1.1"
},
{
"status": "affected",
"version": "7.1.2.1"
},
{
"status": "affected",
"version": "7.0.1.3"
},
{
"status": "affected",
"version": "7.1.3"
},
{
"status": "affected",
"version": "7.1.2"
},
{
"status": "affected",
"version": "7.0.1.2"
},
{
"status": "affected",
"version": "7.0.1.1"
},
{
"status": "affected",
"version": "7.0.1"
},
{
"status": "affected",
"version": "7.1.0"
}
]
},
{
"defaultStatus": "unknown",
"product": "Cisco Prime Infrastructure",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "3.0.0"
},
{
"status": "affected",
"version": "3.1.0"
},
{
"status": "affected",
"version": "3.1.5"
},
{
"status": "affected",
"version": "2.1"
},
{
"status": "affected",
"version": "2.0.0"
},
{
"status": "affected",
"version": "3.6.0"
},
{
"status": "affected",
"version": "3.7.0"
},
{
"status": "affected",
"version": "3.4.0"
},
{
"status": "affected",
"version": "3.3.0"
},
{
"status": "affected",
"version": "3.2"
},
{
"status": "affected",
"version": "3.5.0"
},
{
"status": "affected",
"version": "3.2.0-FIPS"
},
{
"status": "affected",
"version": "2.2"
},
{
"status": "affected",
"version": "3.8.0-FED"
},
{
"status": "affected",
"version": "3.9.0"
},
{
"status": "affected",
"version": "3.8.0"
},
{
"status": "affected",
"version": "3.10.0"
},
{
"status": "affected",
"version": "3.1.1"
},
{
"status": "affected",
"version": "2.1.2"
},
{
"status": "affected",
"version": "2.2.1"
},
{
"status": "affected",
"version": "2.2.0"
},
{
"status": "affected",
"version": "3.0.2"
},
{
"status": "affected",
"version": "3.0.3"
},
{
"status": "affected",
"version": "3.0.1"
},
{
"status": "affected",
"version": "2.2.2"
},
{
"status": "affected",
"version": "2.2.3"
},
{
"status": "affected",
"version": "2.1.0"
},
{
"status": "affected",
"version": "2.1.1"
},
{
"status": "affected",
"version": "3.9.1"
},
{
"status": "affected",
"version": "2.0.10"
},
{
"status": "affected",
"version": "3.8.1"
},
{
"status": "affected",
"version": "3.7.1"
},
{
"status": "affected",
"version": "3.5.1"
},
{
"status": "affected",
"version": "3.4.2"
},
{
"status": "affected",
"version": "3.3.1"
},
{
"status": "affected",
"version": "3.1.7"
},
{
"status": "affected",
"version": "3.2.1"
},
{
"status": "affected",
"version": "3.2.2"
},
{
"status": "affected",
"version": "3.1.6"
},
{
"status": "affected",
"version": "3.1.2"
},
{
"status": "affected",
"version": "3.4.1"
},
{
"status": "affected",
"version": "3.1.3"
},
{
"status": "affected",
"version": "3.1.4"
},
{
"status": "affected",
"version": "3.0.6"
},
{
"status": "affected",
"version": "2.2.10"
},
{
"status": "affected",
"version": "3.0.4"
},
{
"status": "affected",
"version": "3.0.5"
},
{
"status": "affected",
"version": "2.1.56"
},
{
"status": "affected",
"version": "2.2.4"
},
{
"status": "affected",
"version": "2.2.9"
},
{
"status": "affected",
"version": "2.2.8"
},
{
"status": "affected",
"version": "2.2.5"
},
{
"status": "affected",
"version": "2.2.7"
},
{
"status": "affected",
"version": "2.0.39"
},
{
"status": "affected",
"version": "3.8_DP1"
},
{
"status": "affected",
"version": "3.9_DP1"
},
{
"status": "affected",
"version": "3.7_DP2"
},
{
"status": "affected",
"version": "3.6_DP1"
},
{
"status": "affected",
"version": "3.5_DP4"
},
{
"status": "affected",
"version": "3.5_DP2"
},
{
"status": "affected",
"version": "3.4_DP10"
},
{
"status": "affected",
"version": "3.7_DP1"
},
{
"status": "affected",
"version": "3.5_DP3"
},
{
"status": "affected",
"version": "3.4_DP11"
},
{
"status": "affected",
"version": "3.5_DP1"
},
{
"status": "affected",
"version": "3.4_DP8"
},
{
"status": "affected",
"version": "3.4_DP1"
},
{
"status": "affected",
"version": "3.4_DP3"
},
{
"status": "affected",
"version": "3.4_DP5"
},
{
"status": "affected",
"version": "3.4_DP2"
},
{
"status": "affected",
"version": "3.4_DP7"
},
{
"status": "affected",
"version": "3.4_DP6"
},
{
"status": "affected",
"version": "3.3_DP4"
},
{
"status": "affected",
"version": "3.4_DP4"
},
{
"status": "affected",
"version": "3.4_DP9"
},
{
"status": "affected",
"version": "3.1_DP16"
},
{
"status": "affected",
"version": "3.3_DP2"
},
{
"status": "affected",
"version": "3.3_DP3"
},
{
"status": "affected",
"version": "3.1_DP15"
},
{
"status": "affected",
"version": "3.3_DP1"
},
{
"status": "affected",
"version": "3.1_DP13"
},
{
"status": "affected",
"version": "3.2_DP2"
},
{
"status": "affected",
"version": "3.2_DP1"
},
{
"status": "affected",
"version": "3.2_DP3"
},
{
"status": "affected",
"version": "3.1_DP14"
},
{
"status": "affected",
"version": "3.2_DP4"
},
{
"status": "affected",
"version": "3.1_DP7"
},
{
"status": "affected",
"version": "3.1_DP10"
},
{
"status": "affected",
"version": "3.1_DP11"
},
{
"status": "affected",
"version": "3.1_DP4"
},
{
"status": "affected",
"version": "3.1_DP6"
},
{
"status": "affected",
"version": "3.1_DP12"
},
{
"status": "affected",
"version": "3.1_DP5"
},
{
"status": "affected",
"version": "3.0.7"
},
{
"status": "affected",
"version": "3.1_DP9"
},
{
"status": "affected",
"version": "3.1_DP8"
},
{
"status": "affected",
"version": "3.10_DP1"
},
{
"status": "affected",
"version": "3.10.2"
},
{
"status": "affected",
"version": "3.10.3"
},
{
"status": "affected",
"version": "3.10"
},
{
"status": "affected",
"version": "3.10.1"
},
{
"status": "affected",
"version": "3.7.1 Update 03"
},
{
"status": "affected",
"version": "3.7.1 Update 04"
},
{
"status": "affected",
"version": "3.7.1 Update 06"
},
{
"status": "affected",
"version": "3.7.1 Update 07"
},
{
"status": "affected",
"version": "3.8.1 Update 01"
},
{
"status": "affected",
"version": "3.8.1 Update 02"
},
{
"status": "affected",
"version": "3.8.1 Update 03"
},
{
"status": "affected",
"version": "3.8.1 Update 04"
},
{
"status": "affected",
"version": "3.9.1 Update 01"
},
{
"status": "affected",
"version": "3.9.1 Update 02"
},
{
"status": "affected",
"version": "3.9.1 Update 03"
},
{
"status": "affected",
"version": "3.9.1 Update 04"
},
{
"status": "affected",
"version": "3.10 Update 01"
},
{
"status": "affected",
"version": "3.4.2 Update 01"
},
{
"status": "affected",
"version": "3.6.0 Update 04"
},
{
"status": "affected",
"version": "3.6.0 Update 02"
},
{
"status": "affected",
"version": "3.6.0 Update 03"
},
{
"status": "affected",
"version": "3.6.0 Update 01"
},
{
"status": "affected",
"version": "3.5.1 Update 03"
},
{
"status": "affected",
"version": "3.5.1 Update 01"
},
{
"status": "affected",
"version": "3.5.1 Update 02"
},
{
"status": "affected",
"version": "3.7.0 Update 03"
},
{
"status": "affected",
"version": "2.2.3 Update 05"
},
{
"status": "affected",
"version": "2.2.3 Update 04"
},
{
"status": "affected",
"version": "2.2.3 Update 06"
},
{
"status": "affected",
"version": "2.2.3 Update 03"
},
{
"status": "affected",
"version": "2.2.3 Update 02"
},
{
"status": "affected",
"version": "2.2.1 Update 01"
},
{
"status": "affected",
"version": "2.2.2 Update 03"
},
{
"status": "affected",
"version": "2.2.2 Update 04"
},
{
"status": "affected",
"version": "3.8.0 Update 01"
},
{
"status": "affected",
"version": "3.8.0 Update 02"
},
{
"status": "affected",
"version": "3.7.1 Update 01"
},
{
"status": "affected",
"version": "3.7.1 Update 02"
},
{
"status": "affected",
"version": "3.7.1 Update 05"
},
{
"status": "affected",
"version": "3.9.0 Update 01"
},
{
"status": "affected",
"version": "3.3.0 Update 01"
},
{
"status": "affected",
"version": "3.4.1 Update 02"
},
{
"status": "affected",
"version": "3.4.1 Update 01"
},
{
"status": "affected",
"version": "3.5.0 Update 03"
},
{
"status": "affected",
"version": "3.5.0 Update 01"
},
{
"status": "affected",
"version": "3.5.0 Update 02"
},
{
"status": "affected",
"version": "3.10.4"
},
{
"status": "affected",
"version": "3.10.4 Update 01"
},
{
"status": "affected",
"version": "3.10.4 Update 02"
},
{
"status": "affected",
"version": "3.10.4 Update 03"
},
{
"status": "affected",
"version": "3.10.5"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco Evolved Programmable Network Manager (EPNM) and Cisco Prime Infrastructure could allow an authenticated, low-privileged, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface.\r\n\r\nThis vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attacker could exploit this vulnerability by injecting malicious code into a specific page of the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive browser-based information. To exploit this vulnerability, the attacker must have at least a low-privileged account on an affected device."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-06T16:30:03.159Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-epnmpi-sxss-yyf2zkXs",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-epnmpi-sxss-yyf2zkXs"
}
],
"source": {
"advisory": "cisco-sa-epnmpi-sxss-yyf2zkXs",
"defects": [
"CSCwk83676"
],
"discovery": "INTERNAL"
},
"title": "Cisco Evolved Programmable Network Manager and Cisco Prime Infrastructure Stored Cross-Site Scripting Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2024-20514",
"datePublished": "2024-11-06T16:30:03.159Z",
"dateReserved": "2023-11-08T15:08:07.689Z",
"dateUpdated": "2024-11-06T17:04:27.239Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}