The API in Cisco Prime Infrastructure 1.2 up to and including 3.0 and Evolved Programmable Network Manager (EPNM) 1.2 allows remote malicious users to execute arbitrary code or obtain sensitive management information via a crafted HTTP request, as demonstrated by discovering managed-device credentials, aka Bug ID CSCuy10231.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
cisco prime infrastructure 2.2\\(2\\) |
||
cisco prime infrastructure 2.1.0 |
||
cisco prime infrastructure 1.4 |
||
cisco prime infrastructure 1.4.2 |
||
cisco prime infrastructure 1.4.1 |
||
cisco prime infrastructure 2.2 |
||
cisco prime infrastructure 1.2.0.103 |
||
cisco prime infrastructure 2.0 |
||
cisco prime infrastructure 1.2.1 |
||
cisco prime infrastructure 1.4.0.45 |
||
cisco prime infrastructure 1.3.0.20 |
||
cisco prime infrastructure 1.3 |
||
cisco prime infrastructure 1.2 |
||
cisco evolved programmable network manager 1.2.0 |