cbcvebase.
CVE-2023-20127
published 2023-04-05

CVE-2023-20127: Multiple vulnerabilities in the web-based management interface of Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager (EPNM) could allow…

medium6.5CVSS 3.1
AVNACLPRLUINSUCHINAN
Multiple vulnerabilities in the web-based management interface of Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager (EPNM) could allow a remote attacker to obtain privileged information and conduct cross-site scripting (XSS) and cross-site request forgery (CSRF) attacks. For more information about these vulnerabilities, see the Details section of this advisory.

Affected

8 ranges
VendorProductVersion rangeFixed in
ciscocisco_prime_infrastructure
ciscoprime_infrastructure<= 3.7
ciscoprime_infrastructure
ciscoprime_infrastructure
ciscoprime_infrastructure
ciscoprime_infrastructure
ciscoprime_infrastructure>= 3.10 < 3.10.23.10.2
ciscoprime_infrastructure_and_cisco_evolved_programmable_network_manager