Cisco Prime_infrastructure
33 CVEs affecting Cisco Prime_infrastructure. Latest disclosed: 2023-10-10. Critical: 2, High: 8.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2016-1289 | Critical | 9.8 | 2016-07-02 | The API in Cisco Prime Infrastructure 1.2 through 3.0 and Evolved Programmable Network Manager (EPNM) 1.2 allows remote attackers to execute arbitrary code or… |
CVE-2016-1291 | Critical | 9.8 | 2016-04-06 | Cisco Prime Infrastructure 1.2.0 through 2.2(2) and Cisco Evolved Programmable Network Manager (EPNM) 1.2 allow remote attackers to execute arbitrary code via… |
CVE-2016-6443 | High | 8.8 | 2016-10-27 | A vulnerability in the Cisco Prime Infrastructure and Evolved Programmable Network Manager SQL database interface could allow an authenticated, remote attacker… |
CVE-2016-1442 | High | 8.8 | 2016-07-07 | The administrative web interface in Cisco Prime Infrastructure (PI) before 3.1.1 allows remote authenticated users to execute arbitrary commands via crafted fi… |
CVE-2016-1408 | High | 8.8 | 2016-07-02 | Cisco Prime Infrastructure 1.2 through 3.1 and Evolved Programmable Network Manager (EPNM) 1.2 and 2.0 allow remote authenticated users to execute arbitrary co… |
CVE-2016-1406 | High | 8.8 | 2016-05-25 | The API web interface in Cisco Prime Infrastructure before 3.1 and Cisco Evolved Programmable Network Manager before 1.2.4 allows remote authenticated users to… |
CVE-2016-1359 | High | 8.8 | 2016-03-03 | Cisco Prime Infrastructure 3.0 allows remote authenticated users to execute arbitrary code via a crafted HTTP request that is mishandled during viewing of a lo… |
CVE-2016-1290 | High | 8.1 | 2016-04-06 | The web API in Cisco Prime Infrastructure 1.2.0 through 2.2(2) and Cisco Evolved Programmable Network Manager (EPNM) 1.2 allows remote authenticated users to b… |
CVE-2017-6662 | High | 8.0 | 2017-06-26 | A vulnerability in the web-based user interface of Cisco Prime Infrastructure (PI) and Evolved Programmable Network Manager (EPNM) could allow an authenticated… |
CVE-2023-44487 | High | 7.5 | 2023-10-10 | The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the w… |
CVE-2017-3884 | Medium | 6.5 | 2017-04-07 | A vulnerability in the web interface of Cisco Prime Infrastructure and Cisco Evolved Programmable Network (EPN) Manager could allow an authenticated, remote at… |
CVE-2016-1358 | Medium | 6.4 | 2016-03-03 | Cisco Prime Infrastructure 2.2, 3.0, and 3.1(0.0) allows remote authenticated users to read arbitrary files or cause a denial of service via an XML document co… |
CVE-2017-6725 | Medium | 6.1 | 2017-07-04 | A vulnerability in the web framework code of Cisco Prime Infrastructure could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS)… |
CVE-2017-6724 | Medium | 6.1 | 2017-07-04 | A vulnerability in the web framework code of Cisco Prime Infrastructure could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS)… |
CVE-2017-6700 | Medium | 6.1 | 2017-07-04 | A vulnerability in the web-based management interface of Cisco Prime Infrastructure (PI) and Evolved Programmable Network Manager (EPNM) could allow an unauthe… |
CVE-2017-6699 | Medium | 6.1 | 2017-07-04 | A vulnerability in the web-based management interface of Cisco Prime Infrastructure (PI) and Evolved Programmable Network Manager (EPNM) could allow an unauthe… |
CVE-2017-6611 | Medium | 6.1 | 2017-04-20 | A vulnerability in the web framework code of Cisco Prime Infrastructure 2.2(2) could allow an unauthenticated, remote attacker to conduct a cross-site scriptin… |
CVE-2017-3848 | Medium | 6.1 | 2017-04-07 | A vulnerability in the HTTP web-based management interface of Cisco Prime Infrastructure could allow an unauthenticated, remote attacker to conduct a cross-sit… |
CVE-2015-6434 | Medium | 6.1 | 2016-01-08 | Cisco Prime Infrastructure does not properly restrict use of IFRAME elements, which makes it easier for remote attackers to conduct clickjacking attacks and un… |
CVE-2017-6782 | Medium | 5.4 | 2017-08-17 | A vulnerability in the administrative web interface of Cisco Prime Infrastructure could allow an authenticated, remote attacker to modify a page in the web int… |