What is CVE-2021-1487?

CVE-2021-1487 is a high-severity vulnerability in Cisco Prime Infrastructure, classified under OS Command Injection. CVSS score: 8.8/10. Published 2021-05-22.

How severe is CVE-2021-1487?

High severity. CVSS v3 base score is 8.8 out of 10.

RCE in Cisco Prime Infrastructure

CVE-2021-1487

A vulnerability in the web-based management interface of Cisco Prime Infrastructure and Evolved Programmable Network (EPN) Manager could allow an authenticated, remote attacker to execute arbitrary commands on an affected system. The vulne…

Vulnerability class: Command Injection (OS Command Injection)

EPSS: 0.006 (69.6th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 8.8 (High). Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H.

Affected products

Cisco Prime Infrastructure — versions n/a

Weakness classification (CWE)

CWE-78 — OS Command Injection

References

20210519 Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager Command Injection Vulnerability (vendor-advisory, x_refsource_CISCO)

Frequently asked questions

What is CVE-2021-1487?: CVE-2021-1487 is a high-severity vulnerability in Cisco Prime Infrastructure, classified under OS Command Injection. CVSS score: 8.8/10. Published 2021-05-22.
How severe is CVE-2021-1487?: High severity. CVSS v3 base score is 8.8 out of 10.