Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cisco prime infrastructure vulnerabilities and exploits
(subscribe to this query)
2.1
CVSSv2
CVE-2021-34733
A vulnerability in the CLI of Cisco Prime Infrastructure and Cisco Evolved Programmable Network (EPN) Manager could allow an authenticated, local malicious user to access sensitive information stored on the underlying file system of an affected system. This vulnerability exists b...
Cisco Evolved Programmable Network Manager
Cisco Prime Infrastructure
5
CVSSv2
CVE-2021-33193
A crafted method sent through HTTP/2 will bypass validation and be forwarded by mod_proxy, which can lead to request splitting or cache poisoning. This issue affects Apache HTTP Server 2.4.17 to 2.4.48.
Apache Http Server
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Tenable Tenable.sc
Oracle Zfs Storage Appliance Kit 8.8
Oracle Secure Backup
1 Github repository
3.6
CVSSv2
CVE-2021-1306
A vulnerability in the restricted shell of Cisco Evolved Programmable Network (EPN) Manager, Cisco Identity Services Engine (ISE), and Cisco Prime Infrastructure could allow an authenticated, local malicious user to identify directories and write arbitrary files to the file syste...
Cisco Identity Services Engine 2.7.0
Cisco Identity Services Engine 3.0.0
Cisco Identity Services Engine
Cisco Evolved Programmable Network Manager
Cisco Prime Infrastructure 3.8.1
Cisco Prime Infrastructure
9
CVSSv2
CVE-2021-1487
A vulnerability in the web-based management interface of Cisco Prime Infrastructure and Evolved Programmable Network (EPN) Manager could allow an authenticated, remote malicious user to execute arbitrary commands on an affected system. The vulnerability is due to insufficient val...
Cisco Evolved Programmable Network Manager
Cisco Prime Infrastructure
4.3
CVSSv2
CVE-2021-3449
An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signature_algorithms extension (where it was present in the initial ClientHello), but includes a signature_algorithms_ce...
Openssl Openssl
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Freebsd Freebsd 12.2
Netapp Santricity Smi-s Provider -
Netapp Snapcenter -
Netapp Oncommand Workflow Automation -
Netapp Storagegrid -
Netapp Oncommand Insight -
Netapp Ontap Select Deploy Administration Utility -
Netapp Active Iq Unified Manager -
Netapp Cloud Volumes Ontap Mediator -
Netapp E-series Performance Analyzer -
Tenable Tenable.sc
Tenable Nessus
Tenable Nessus Network Monitor 5.11.1
Tenable Nessus Network Monitor 5.12.0
Tenable Nessus Network Monitor 5.12.1
Tenable Nessus Network Monitor 5.13.0
Tenable Nessus Network Monitor 5.11.0
Tenable Log Correlation Engine
Fedoraproject Fedora 34
5 Github repositories
1 Article
5.8
CVSSv2
CVE-2021-3450
The X509_V_FLAG_X509_STRICT flag enables additional security checks of the certificates present in a certificate chain. It is not set by default. Starting from OpenSSL version 1.1.1h a check to disallow certificates in the chain that have explicitly encoded elliptic curve paramet...
Openssl Openssl
Freebsd Freebsd 12.2
Netapp Santricity Smi-s Provider Firmware -
Netapp Storagegrid Firmware -
Windriver Linux -
Windriver Linux 18.0
Windriver Linux 19.0
Windriver Linux 17.0
Netapp Oncommand Workflow Automation -
Netapp Storagegrid -
Netapp Ontap Select Deploy Administration Utility -
Netapp Cloud Volumes Ontap Mediator -
Fedoraproject Fedora 34
Tenable Nessus Agent
Tenable Nessus
Tenable Nessus Network Monitor 5.11.1
Tenable Nessus Network Monitor 5.12.0
Tenable Nessus Network Monitor 5.12.1
Tenable Nessus Network Monitor 5.13.0
Tenable Nessus Network Monitor 5.11.0
Oracle Jd Edwards World Security A9.4
Oracle Weblogic Server 12.2.1.4.0
1 Github repository
1 Article
6.4
CVSSv2
CVE-2020-3339
A vulnerability in the web-based management interface of Cisco Prime Infrastructure could allow an authenticated, remote malicious user to conduct SQL injection attacks on an affected system. The vulnerability is due to improper validation of user-submitted parameters. An attacke...
Cisco Prime Infrastructure
Cisco Prime Infrastructure 3.8
3.5
CVSSv2
CVE-2015-7851
Directory traversal vulnerability in the save_config function in ntpd in ntp_control.c in NTP prior to 4.2.8p4, when used on systems that do not use '\' or '/' characters for directory separation such as OpenVMS, allows remote authenticated users to overwrite ...
Ntp Ntp
Ntp Ntp 4.2.8
10
CVSSv2
CVE-2019-15958
A vulnerability in the REST API of Cisco Prime Infrastructure (PI) and Cisco Evolved Programmable Network Manager (EPNM) could allow an unauthenticated remote malicious user to execute arbitrary code with root privileges on the underlying operating system. The vulnerability is du...
Cisco Prime Infrastructure
Cisco Prime Infrastructure 3.6
Cisco Evolved Programmable Network Manager
4.3
CVSSv2
CVE-2019-12712
A vulnerability in the web-based management interface of Cisco Prime Infrastructure could allow an unauthenticated, remote malicious user to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of the affected software. The vulnerabilit...
Cisco Prime Infrastructure 3.7
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »