📦 Evolved Programmable Network Manager

CVE-2021-44228 (Log4Shell) is a critical remote code execution vulnerability in Apache Log4j2 that allows attackers to execute arbitrary code by exploiting JNDI lookups in log messages. This affects a...

This vulnerability allows authenticated remote attackers to execute arbitrary commands on Cisco Prime Infrastructure and EPN Manager systems via crafted HTTP requests to the web management interface. ...

This stored XSS vulnerability in Cisco EPNM and Prime Infrastructure allows authenticated administrators to inject malicious scripts into the web interface. When other users view the compromised inter...

An authenticated attacker with administrative credentials can inject malicious scripts into Cisco EPNM/Prime Infrastructure web interface fields, which then execute in victims' browsers when they view...

This vulnerability allows authenticated attackers with Config Managers credentials to upload arbitrary files to Cisco EPNM systems via the web management interface. It affects Cisco Evolved Programmab...

An authenticated low-privileged attacker can exploit insufficient input validation in certain REST APIs of Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager to conduct blind SQ...

An unauthenticated remote attacker can inject malicious scripts into Cisco EPNM and Prime Infrastructure web interfaces, which then execute in victims' browsers when they view compromised pages. This ...

This is a cross-site scripting (XSS) vulnerability in Cisco PI and EPNM web management interfaces that allows unauthenticated attackers to execute malicious scripts in users' browsers. Attackers can s...