Description
Multiple vulnerabilities in the web-based management interface of Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager (EPNM) could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface on an affected device.

These vulnerabilities are due to insufficient validation of user-supplied input. An attacker could exploit these vulnerabilities by persuading a user of an affected interface to view a page containing malicious HTML or script content. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. To exploit these vulnerabilities, the attacker must have valid credentials to access the web-based management interface of the affected device.
Published: 2023-08-16
Score: 5.4 Medium
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

No analysis available yet.

Remediation

No remediation available yet.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

No history.

Subscriptions

Cisco Evolved Programmable Network Manager Prime Infrastructure
cve-icon MITRE

Status: PUBLISHED

Assigner: cisco

Published:

Updated: 2024-08-02T09:05:35.911Z

Reserved: 2022-10-27T18:47:50.367Z

Link: CVE-2023-20203

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2023-08-16T22:15:11.023

Modified: 2024-11-21T07:40:49.437

Link: CVE-2023-20203

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.

Weaknesses