CVE-2023-20129

CVSS V2 None CVSS V3 None
Description
Multiple vulnerabilities in the web-based management interface of Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager (EPNM) could allow a remote attacker to obtain privileged information and conduct cross-site scripting (XSS) and cross-site request forgery (CSRF) attacks. For more information about these vulnerabilities, see the Details section of this advisory.
Overview
  • CVE ID
  • CVE-2023-20129
  • Assigner
  • ykramarz@cisco.com
  • Vulnerability Status
  • Analyzed
  • Published Version
  • 2023-04-05T18:15:07
  • Last Modified Date
  • 2023-04-11T19:47:50
CPE Configuration (Product)
CPE Vulnerable Operator Version Start Version End
cpe:2.3:a:cisco:prime_infrastructure:*:*:*:*:*:*:*:* 1 OR 3.7
cpe:2.3:a:cisco:prime_infrastructure:*:*:*:*:*:*:*:* 1 OR 3.10 3.10.2
cpe:2.3:a:cisco:prime_infrastructure:3.8:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:cisco:prime_infrastructure:3.8.1:-:*:*:*:*:*:* 1 OR
cpe:2.3:a:cisco:prime_infrastructure:3.9:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:cisco:prime_infrastructure:3.9.1:-:*:*:*:*:*:* 1 OR
cpe:2.3:a:cisco:evolved_programmable_network_manager:*:*:*:*:*:*:*:* 1 OR 5.0.2.5
cpe:2.3:a:cisco:evolved_programmable_network_manager:*:*:*:*:*:*:*:* 1 OR 5.1 5.1.4.2
cpe:2.3:a:cisco:evolved_programmable_network_manager:*:*:*:*:*:*:*:* 1 OR 6.0 6.0.2.1
cpe:2.3:a:cisco:evolved_programmable_network_manager:*:*:*:*:*:*:*:* 1 OR 6.1 6.1.1.1
History
Created Old Value New Value Data Type Notes
2023-04-17 04:12:24 Added to TrackCVE
2023-04-17 04:12:26 Weakness Enumeration new
2023-04-17 05:14:25 CVSS V3 information new