CVE-2023-20130
published 2023-04-05CVE-2023-20130: Multiple vulnerabilities in the web-based management interface of Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager (EPNM) could allow…
medium6.5CVSS 3.1
AVNACLPRNUIRSUCNIHAN
Multiple vulnerabilities in the web-based management interface of Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager (EPNM) could allow a remote attacker to obtain privileged information and conduct cross-site scripting (XSS) and cross-site request forgery (CSRF) attacks. For more information about these vulnerabilities, see the Details section of this advisory.
Affected
12 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| cisco | cisco_prime_infrastructure | — | — |
| cisco | evolved_programmable_network_manager | < 5.0.2.5 | 5.0.2.5 |
| cisco | evolved_programmable_network_manager | >= 5.1 < 5.1.4.2 | 5.1.4.2 |
| cisco | evolved_programmable_network_manager | >= 6.0 < 6.0.2.1 | 6.0.2.1 |
| cisco | evolved_programmable_network_manager | >= 6.1 < 6.1.1.1 | 6.1.1.1 |
| cisco | prime_infrastructure | <= 3.7 | — |
| cisco | prime_infrastructure | — | — |
| cisco | prime_infrastructure | — | — |
| cisco | prime_infrastructure | — | — |
| cisco | prime_infrastructure | — | — |
| cisco | prime_infrastructure | >= 3.10 < 3.10.2 | 3.10.2 |
| cisco | prime_infrastructure_and_cisco_evolved_programmable_network_manager | — | — |