CVE-2025-20272 - Vulnerability Details

- Cisco Evolved Programmable Network Manager and Cisco Prime Infrastructure Blind SQL Injection Vulnerability

Description

A vulnerability in a subset of REST APIs of Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager (EPNM) could allow an authenticated, low-privileged, remote attacker to conduct a blind SQL injection attack.

This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending a crafted request to an affected API. A successful exploit could allow the attacker to view data in some database tables on an affected device.

Published: 2025-07-16

Score: 4.3 Medium

EPSS: < 1% Very Low

KEV: No

Impact:

Action:

Analysis

No analysis available yet.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

Cisco

Cisco Evolved Programmable Network Manager (EPNM)

unknown

Version	Status	Constraints
`3.0.1`	affected	—
`3.1.2`	affected	—
`1.2`	affected	—
`3.1.1`	affected	—
`3.1.3`	affected	—
`3.1`	affected	—
`3.0.3`	affected	—
`3.0.2`	affected	—
`3.0`	affected	—
`2.2`	affected	—
`1.1`	affected	—
`2.1`	affected	—
`2.0`	affected	—
`4.1`	affected	—
`4.1.1`	affected	—
`4.0.3`	affected	—
`4.0.1`	affected	—
`4.0.2`	affected	—
`4.0`	affected	—
`5.0`	affected	—
`5.0.1`	affected	—
`5.1.1`	affected	—
`5.1`	affected	—
`5.0.2`	affected	—
`5.1.2`	affected	—
`5.1.3`	affected	—
`5.1.4`	affected	—
`6.1.1`	affected	—
`6.1`	affected	—
`6.0.0`	affected	—
`6.0.1`	affected	—
`6.0.2`	affected	—
`7.0.0`	affected	—
`1.2.5`	affected	—
`1.2.6`	affected	—
`2.0.1`	affected	—
`1.2.2`	affected	—
`1.2.3`	affected	—
`1.2.4`	affected	—
`1.2.7`	affected	—
`1.2.1.2`	affected	—
`2.2.1`	affected	—
`2.1.3`	affected	—
`2.0.2`	affected	—
`2.0.3`	affected	—
`2.1.2`	affected	—
`2.0.4`	affected	—
`2.1.1`	affected	—
`5.0.2.5`	affected	—
`5.1.4.3`	affected	—
`6.0.2.1`	affected	—
`6.1.1.1`	affected	—
`5.0.2.1`	affected	—
`5.0.2.2`	affected	—
`5.0.2.3`	affected	—
`5.0.2.4`	affected	—
`5.1.4.1`	affected	—
`5.1.4.2`	affected	—
`2.1.4`	affected	—
`2.2.4`	affected	—
`2.2.3`	affected	—
`2.2.5`	affected	—
`5.1.3.2`	affected	—
`5.1.3.1`	affected	—
`6.0.1.1`	affected	—
`4.1.1.2`	affected	—
`4.1.1.1`	affected	—
`4.0.3.1`	affected	—
`2.0.1.1`	affected	—
`2.1.1.3`	affected	—
`2.1.1.1`	affected	—
`2.1.1.4`	affected	—
`2.0.4.2`	affected	—
`2.0.4.1`	affected	—
`2.1.2.2`	affected	—
`2.1.2.3`	affected	—
`2.0.2.1`	affected	—
`2.1.3.4`	affected	—
`2.1.3.3`	affected	—
`2.1.3.2`	affected	—
`2.1.3.5`	affected	—
`2.2.1.2`	affected	—
`2.2.1.1`	affected	—
`2.2.1.4`	affected	—
`2.2.1.3`	affected	—
`1.2.4.2`	affected	—
`1.2.2.4`	affected	—
`6.0.3`	affected	—
`5.1.4.4`	affected	—
`5.0.2.6`	affected	—
`6.0.3.1`	affected	—
`6.1.2`	affected	—
`6.1.1.2.2`	affected	—
`6.1.2.1`	affected	—
`6.1.2.2`	affected	—
`7.1.1`	affected	—
`7.1.2.1`	affected	—
`7.0.1.3`	affected	—
`7.1.3`	affected	—
`7.1.2`	affected	—
`7.0.1.2`	affected	—
`7.0.1.1`	affected	—
`7.0.1`	affected	—
`7.1.0`	affected	—
`8.0.0`	affected	—
`6.1.2.3`	affected	—
`8.0.0.1`	affected	—
`7.1.3.1`	affected	—
`7.1.4`	affected	—
`8.1.0`	affected	—

Cisco

Cisco Prime Infrastructure

unknown

Version	Status	Constraints
`3.0.0`	affected	—
`3.1.0`	affected	—
`3.1.5`	affected	—
`2.1`	affected	—
`2.0.0`	affected	—
`3.6.0`	affected	—
`3.7.0`	affected	—
`3.4.0`	affected	—
`3.3.0`	affected	—
`3.2`	affected	—
`3.5.0`	affected	—
`3.2.0-FIPS`	affected	—
`2.2`	affected	—
`3.8.0-FED`	affected	—
`3.9.0`	affected	—
`3.8.0`	affected	—
`3.10.0`	affected	—
`3.1.1`	affected	—
`2.1.2`	affected	—
`2.2.1`	affected	—
`2.2.0`	affected	—
`3.0.2`	affected	—
`3.0.3`	affected	—
`3.0.1`	affected	—
`2.2.2`	affected	—
`2.2.3`	affected	—
`2.1.0`	affected	—
`2.1.1`	affected	—
`3.9.1`	affected	—
`2.0.10`	affected	—
`3.8.1`	affected	—
`3.7.1`	affected	—
`3.5.1`	affected	—
`3.4.2`	affected	—
`3.3.1`	affected	—
`3.1.7`	affected	—
`3.2.1`	affected	—
`3.2.2`	affected	—
`3.1.6`	affected	—
`3.1.2`	affected	—
`3.4.1`	affected	—
`3.1.3`	affected	—
`3.1.4`	affected	—
`3.0.6`	affected	—
`2.2.10`	affected	—
`3.0.4`	affected	—
`3.0.5`	affected	—
`2.1.56`	affected	—
`2.2.4`	affected	—
`2.2.9`	affected	—
`2.2.8`	affected	—
`2.2.5`	affected	—
`2.2.7`	affected	—
`2.0.39`	affected	—
`3.8_DP1`	affected	—
`3.9_DP1`	affected	—
`3.7_DP2`	affected	—
`3.6_DP1`	affected	—
`3.5_DP4`	affected	—
`3.5_DP2`	affected	—
`3.4_DP10`	affected	—
`3.7_DP1`	affected	—
`3.5_DP3`	affected	—
`3.4_DP11`	affected	—
`3.5_DP1`	affected	—
`3.4_DP8`	affected	—
`3.4_DP1`	affected	—
`3.4_DP3`	affected	—
`3.4_DP5`	affected	—
`3.4_DP2`	affected	—
`3.4_DP7`	affected	—
`3.4_DP6`	affected	—
`3.3_DP4`	affected	—
`3.4_DP4`	affected	—
`3.4_DP9`	affected	—
`3.1_DP16`	affected	—
`3.3_DP2`	affected	—
`3.3_DP3`	affected	—
`3.1_DP15`	affected	—
`3.3_DP1`	affected	—
`3.1_DP13`	affected	—
`3.2_DP2`	affected	—
`3.2_DP1`	affected	—
`3.2_DP3`	affected	—
`3.1_DP14`	affected	—
`3.2_DP4`	affected	—
`3.1_DP7`	affected	—
`3.1_DP10`	affected	—
`3.1_DP11`	affected	—
`3.1_DP4`	affected	—
`3.1_DP6`	affected	—
`3.1_DP12`	affected	—
`3.1_DP5`	affected	—
`3.0.7`	affected	—
`3.1_DP9`	affected	—
`3.1_DP8`	affected	—
`3.10_DP1`	affected	—
`3.10.2`	affected	—
`3.10.3`	affected	—
`3.10`	affected	—
`3.10.1`	affected	—
`3.7.1 Update 03`	affected	—
`3.7.1 Update 04`	affected	—
`3.7.1 Update 06`	affected	—
`3.7.1 Update 07`	affected	—
`3.8.1 Update 01`	affected	—
`3.8.1 Update 02`	affected	—
`3.8.1 Update 03`	affected	—
`3.8.1 Update 04`	affected	—
`3.9.1 Update 01`	affected	—
`3.9.1 Update 02`	affected	—
`3.9.1 Update 03`	affected	—
`3.9.1 Update 04`	affected	—
`3.10 Update 01`	affected	—
`3.4.2 Update 01`	affected	—
`3.6.0 Update 04`	affected	—
`3.6.0 Update 02`	affected	—
`3.6.0 Update 03`	affected	—
`3.6.0 Update 01`	affected	—
`3.5.1 Update 03`	affected	—
`3.5.1 Update 01`	affected	—
`3.5.1 Update 02`	affected	—
`3.7.0 Update 03`	affected	—
`2.2.3 Update 05`	affected	—
`2.2.3 Update 04`	affected	—
`2.2.3 Update 06`	affected	—
`2.2.3 Update 03`	affected	—
`2.2.3 Update 02`	affected	—
`2.2.1 Update 01`	affected	—
`2.2.2 Update 03`	affected	—
`2.2.2 Update 04`	affected	—
`3.8.0 Update 01`	affected	—
`3.8.0 Update 02`	affected	—
`3.7.1 Update 01`	affected	—
`3.7.1 Update 02`	affected	—
`3.7.1 Update 05`	affected	—
`3.9.0 Update 01`	affected	—
`3.3.0 Update 01`	affected	—
`3.4.1 Update 02`	affected	—
`3.4.1 Update 01`	affected	—
`3.5.0 Update 03`	affected	—
`3.5.0 Update 01`	affected	—
`3.5.0 Update 02`	affected	—
`3.10.4`	affected	—
`3.10.4 Update 01`	affected	—
`3.10.4 Update 02`	affected	—
`3.10.4 Update 03`	affected	—
`3.10.5`	affected	—
`3.10.6`	affected	—
`3.10.6 Update 01`	affected	—

Configuration 1 [-]

OR	cpe:2.3:a:cisco:prime_infrastructure:2.0.0:::::::*
	cpe:2.3:a:cisco:prime_infrastructure:2.0.10:::::::*
	cpe:2.3:a:cisco:prime_infrastructure:2.0.39:::::::*
	cpe:2.3:a:cisco:prime_infrastructure:2.1:::::::*
	cpe:2.3:a:cisco:prime_infrastructure:2.1.0:::::::*
	cpe:2.3:a:cisco:prime_infrastructure:2.1.1:::::::*
	cpe:2.3:a:cisco:prime_infrastructure:2.1.2:::::::*
	cpe:2.3:a:cisco:prime_infrastructure:2.1.56:::::::*
	cpe:2.3:a:cisco:prime_infrastructure:2.2:::::::*
	cpe:2.3:a:cisco:prime_infrastructure:2.2.0:::::::*
	cpe:2.3:a:cisco:prime_infrastructure:2.2.1:-::::::
	cpe:2.3:a:cisco:prime_infrastructure:2.2.1:update01::::::
	cpe:2.3:a:cisco:prime_infrastructure:2.2.2:-::::::
	cpe:2.3:a:cisco:prime_infrastructure:2.2.2:update03::::::
	cpe:2.3:a:cisco:prime_infrastructure:2.2.2:update04::::::
	cpe:2.3:a:cisco:prime_infrastructure:2.2.3:-::::::
	cpe:2.3:a:cisco:prime_infrastructure:2.2.3:update02::::::
	cpe:2.3:a:cisco:prime_infrastructure:2.2.3:update03::::::
	cpe:2.3:a:cisco:prime_infrastructure:2.2.3:update04::::::
	cpe:2.3:a:cisco:prime_infrastructure:2.2.3:update05::::::
	cpe:2.3:a:cisco:prime_infrastructure:2.2.3:update06::::::
	cpe:2.3:a:cisco:prime_infrastructure:2.2.4:::::::*
	cpe:2.3:a:cisco:prime_infrastructure:2.2.5:::::::*
	cpe:2.3:a:cisco:prime_infrastructure:2.2.7:::::::*
	cpe:2.3:a:cisco:prime_infrastructure:2.2.8:::::::*
	cpe:2.3:a:cisco:prime_infrastructure:2.2.9:::::::*
	cpe:2.3:a:cisco:prime_infrastructure:2.2.10:::::::*
	cpe:2.3:a:cisco:prime_infrastructure:3.0.0:::::::*
	cpe:2.3:a:cisco:prime_infrastructure:3.0.1:::::::*
	cpe:2.3:a:cisco:prime_infrastructure:3.0.2:::::::*
	cpe:2.3:a:cisco:prime_infrastructure:3.0.3:::::::*
	cpe:2.3:a:cisco:prime_infrastructure:3.0.4:::::::*
	cpe:2.3:a:cisco:prime_infrastructure:3.0.5:::::::*
	cpe:2.3:a:cisco:prime_infrastructure:3.0.6:::::::*
	cpe:2.3:a:cisco:prime_infrastructure:3.0.7:::::::*
	cpe:2.3:a:cisco:prime_infrastructure:3.1:device_pack10::::::
	cpe:2.3:a:cisco:prime_infrastructure:3.1:device_pack11::::::
	cpe:2.3:a:cisco:prime_infrastructure:3.1:device_pack12::::::
	cpe:2.3:a:cisco:prime_infrastructure:3.1:device_pack13::::::
	cpe:2.3:a:cisco:prime_infrastructure:3.1:device_pack14::::::
	cpe:2.3:a:cisco:prime_infrastructure:3.1:device_pack15::::::
	cpe:2.3:a:cisco:prime_infrastructure:3.1:device_pack16::::::
	cpe:2.3:a:cisco:prime_infrastructure:3.1:device_pack4::::::
	cpe:2.3:a:cisco:prime_infrastructure:3.1:device_pack5::::::
	cpe:2.3:a:cisco:prime_infrastructure:3.1:device_pack6::::::
	cpe:2.3:a:cisco:prime_infrastructure:3.1:device_pack7::::::
	cpe:2.3:a:cisco:prime_infrastructure:3.1:device_pack8::::::
	cpe:2.3:a:cisco:prime_infrastructure:3.1:device_pack9::::::
	cpe:2.3:a:cisco:prime_infrastructure:3.1.0:::::::*
	cpe:2.3:a:cisco:prime_infrastructure:3.1.1:::::::*
	cpe:2.3:a:cisco:prime_infrastructure:3.1.2:::::::*
	cpe:2.3:a:cisco:prime_infrastructure:3.1.3:::::::*
	cpe:2.3:a:cisco:prime_infrastructure:3.1.4:::::::*
	cpe:2.3:a:cisco:prime_infrastructure:3.1.5:::::::*
	cpe:2.3:a:cisco:prime_infrastructure:3.1.6:::::::*
	cpe:2.3:a:cisco:prime_infrastructure:3.1.7:::::::*
	cpe:2.3:a:cisco:prime_infrastructure:3.2:-::::::
	cpe:2.3:a:cisco:prime_infrastructure:3.2:device_pack1::::::
	cpe:2.3:a:cisco:prime_infrastructure:3.2:device_pack2::::::
	cpe:2.3:a:cisco:prime_infrastructure:3.2:device_pack3::::::
	cpe:2.3:a:cisco:prime_infrastructure:3.2:device_pack4::::::
	cpe:2.3:a:cisco:prime_infrastructure:3.2.0-fips:::::::*
	cpe:2.3:a:cisco:prime_infrastructure:3.2.1:::::::*
	cpe:2.3:a:cisco:prime_infrastructure:3.2.2:::::::*
cpe:2.3:a:cisco:prime_infrastructure:3.3:device_pack1::::::
cpe:2.3:a:cisco:prime_infrastructure:3.3:device_pack2::::::
cpe:2.3:a:cisco:prime_infrastructure:3.3:device_pack3::::::
cpe:2.3:a:cisco:prime_infrastructure:3.3:device_pack4::::::
cpe:2.3:a:cisco:prime_infrastructure:3.3.0:-::::::
cpe:2.3:a:cisco:prime_infrastructure:3.3.0:update01::::::
cpe:2.3:a:cisco:prime_infrastructure:3.3.1:::::::*
cpe:2.3:a:cisco:prime_infrastructure:3.4:device_pack1::::::
cpe:2.3:a:cisco:prime_infrastructure:3.4:device_pack10::::::
cpe:2.3:a:cisco:prime_infrastructure:3.4:device_pack11::::::
cpe:2.3:a:cisco:prime_infrastructure:3.4:device_pack2::::::
cpe:2.3:a:cisco:prime_infrastructure:3.4:device_pack3::::::
cpe:2.3:a:cisco:prime_infrastructure:3.4:device_pack4::::::
cpe:2.3:a:cisco:prime_infrastructure:3.4:device_pack5::::::
cpe:2.3:a:cisco:prime_infrastructure:3.4:device_pack6::::::
cpe:2.3:a:cisco:prime_infrastructure:3.4:device_pack7::::::
cpe:2.3:a:cisco:prime_infrastructure:3.4:device_pack8::::::
cpe:2.3:a:cisco:prime_infrastructure:3.4:device_pack9::::::
cpe:2.3:a:cisco:prime_infrastructure:3.4.0:::::::*
cpe:2.3:a:cisco:prime_infrastructure:3.4.1:-::::::
cpe:2.3:a:cisco:prime_infrastructure:3.4.1:update01::::::
cpe:2.3:a:cisco:prime_infrastructure:3.4.1:update02::::::
cpe:2.3:a:cisco:prime_infrastructure:3.4.2:-::::::
cpe:2.3:a:cisco:prime_infrastructure:3.4.2:update01::::::
cpe:2.3:a:cisco:prime_infrastructure:3.5:device_pack1::::::
cpe:2.3:a:cisco:prime_infrastructure:3.5:device_pack2::::::
cpe:2.3:a:cisco:prime_infrastructure:3.5:device_pack3::::::
cpe:2.3:a:cisco:prime_infrastructure:3.5:device_pack4::::::
cpe:2.3:a:cisco:prime_infrastructure:3.5.0:-::::::
cpe:2.3:a:cisco:prime_infrastructure:3.5.0:update01::::::
cpe:2.3:a:cisco:prime_infrastructure:3.5.0:update02::::::
cpe:2.3:a:cisco:prime_infrastructure:3.5.0:update03::::::
cpe:2.3:a:cisco:prime_infrastructure:3.5.1:-::::::
cpe:2.3:a:cisco:prime_infrastructure:3.5.1:update01::::::
cpe:2.3:a:cisco:prime_infrastructure:3.5.1:update02::::::
cpe:2.3:a:cisco:prime_infrastructure:3.5.1:update03::::::
cpe:2.3:a:cisco:prime_infrastructure:3.6:device_pack1::::::
cpe:2.3:a:cisco:prime_infrastructure:3.6.0:-::::::
cpe:2.3:a:cisco:prime_infrastructure:3.6.0:update01::::::
cpe:2.3:a:cisco:prime_infrastructure:3.6.0:update02::::::
cpe:2.3:a:cisco:prime_infrastructure:3.6.0:update03::::::
cpe:2.3:a:cisco:prime_infrastructure:3.6.0:update04::::::
cpe:2.3:a:cisco:prime_infrastructure:3.7:device_pack1::::::
cpe:2.3:a:cisco:prime_infrastructure:3.7:device_pack2::::::
cpe:2.3:a:cisco:prime_infrastructure:3.7.0:-::::::
cpe:2.3:a:cisco:prime_infrastructure:3.7.0:update03::::::
cpe:2.3:a:cisco:prime_infrastructure:3.7.1:-::::::
cpe:2.3:a:cisco:prime_infrastructure:3.7.1:update01::::::
cpe:2.3:a:cisco:prime_infrastructure:3.7.1:update02::::::
cpe:2.3:a:cisco:prime_infrastructure:3.7.1:update03::::::
cpe:2.3:a:cisco:prime_infrastructure:3.7.1:update04::::::
cpe:2.3:a:cisco:prime_infrastructure:3.7.1:update05::::::
cpe:2.3:a:cisco:prime_infrastructure:3.7.1:update06::::::
cpe:2.3:a:cisco:prime_infrastructure:3.7.1:update07::::::
cpe:2.3:a:cisco:prime_infrastructure:3.8:device_pack1::::::
cpe:2.3:a:cisco:prime_infrastructure:3.8.0:-::::::
cpe:2.3:a:cisco:prime_infrastructure:3.8.0:update01::::::
cpe:2.3:a:cisco:prime_infrastructure:3.8.0:update02::::::
cpe:2.3:a:cisco:prime_infrastructure:3.8.1:-::::::
cpe:2.3:a:cisco:prime_infrastructure:3.8.1:update01::::::
cpe:2.3:a:cisco:prime_infrastructure:3.8.1:update02::::::
cpe:2.3:a:cisco:prime_infrastructure:3.8.1:update03::::::
cpe:2.3:a:cisco:prime_infrastructure:3.8.1:update04::::::
cpe:2.3:a:cisco:prime_infrastructure:3.9:device_pack1::::::
cpe:2.3:a:cisco:prime_infrastructure:3.9.0:-::::::
cpe:2.3:a:cisco:prime_infrastructure:3.9.0:update01::::::
cpe:2.3:a:cisco:prime_infrastructure:3.9.1:-::::::
cpe:2.3:a:cisco:prime_infrastructure:3.9.1:update01::::::
cpe:2.3:a:cisco:prime_infrastructure:3.9.1:update02::::::
cpe:2.3:a:cisco:prime_infrastructure:3.9.1:update03::::::
cpe:2.3:a:cisco:prime_infrastructure:3.9.1:update04::::::
cpe:2.3:a:cisco:prime_infrastructure:3.10:-::::::
cpe:2.3:a:cisco:prime_infrastructure:3.10:device_pack1::::::
cpe:2.3:a:cisco:prime_infrastructure:3.10:update01::::::
cpe:2.3:a:cisco:prime_infrastructure:3.10.0:::::::*
cpe:2.3:a:cisco:prime_infrastructure:3.10.1:::::::*
cpe:2.3:a:cisco:prime_infrastructure:3.10.2:::::::*
cpe:2.3:a:cisco:prime_infrastructure:3.10.3:::::::*
cpe:2.3:a:cisco:prime_infrastructure:3.10.4:-::::::
cpe:2.3:a:cisco:prime_infrastructure:3.10.4:update01::::::
cpe:2.3:a:cisco:prime_infrastructure:3.10.4:update02::::::
cpe:2.3:a:cisco:prime_infrastructure:3.10.4:update03::::::
cpe:2.3:a:cisco:prime_infrastructure:3.10.5:::::::*
cpe:2.3:a:cisco:prime_infrastructure:3.10.6:-::::::
cpe:2.3:a:cisco:prime_infrastructure:3.10.6:update01::::::

Configuration 2 [-]

OR	cpe:2.3:a:cisco:evolved_programmable_network_manager:1.1:::::::*
	cpe:2.3:a:cisco:evolved_programmable_network_manager:1.2:::::::*
	cpe:2.3:a:cisco:evolved_programmable_network_manager:1.2.1.2:::::::*
	cpe:2.3:a:cisco:evolved_programmable_network_manager:1.2.2:::::::*
	cpe:2.3:a:cisco:evolved_programmable_network_manager:1.2.2.4:::::::*
	cpe:2.3:a:cisco:evolved_programmable_network_manager:1.2.3:::::::*
	cpe:2.3:a:cisco:evolved_programmable_network_manager:1.2.4:::::::*
	cpe:2.3:a:cisco:evolved_programmable_network_manager:1.2.4.2:::::::*
	cpe:2.3:a:cisco:evolved_programmable_network_manager:1.2.5:::::::*
	cpe:2.3:a:cisco:evolved_programmable_network_manager:1.2.6:::::::*
	cpe:2.3:a:cisco:evolved_programmable_network_manager:1.2.7:::::::*
	cpe:2.3:a:cisco:evolved_programmable_network_manager:2.0:::::::*
	cpe:2.3:a:cisco:evolved_programmable_network_manager:2.0.1:::::::*
	cpe:2.3:a:cisco:evolved_programmable_network_manager:2.0.1.1:::::::*
	cpe:2.3:a:cisco:evolved_programmable_network_manager:2.0.2:::::::*
	cpe:2.3:a:cisco:evolved_programmable_network_manager:2.0.2.1:::::::*
	cpe:2.3:a:cisco:evolved_programmable_network_manager:2.0.3:::::::*
	cpe:2.3:a:cisco:evolved_programmable_network_manager:2.0.4:::::::*
	cpe:2.3:a:cisco:evolved_programmable_network_manager:2.0.4.1:::::::*
	cpe:2.3:a:cisco:evolved_programmable_network_manager:2.0.4.2:::::::*
	cpe:2.3:a:cisco:evolved_programmable_network_manager:2.1:::::::*
	cpe:2.3:a:cisco:evolved_programmable_network_manager:2.1.1:::::::*
	cpe:2.3:a:cisco:evolved_programmable_network_manager:2.1.1.1:::::::*
	cpe:2.3:a:cisco:evolved_programmable_network_manager:2.1.1.3:::::::*
	cpe:2.3:a:cisco:evolved_programmable_network_manager:2.1.1.4:::::::*
	cpe:2.3:a:cisco:evolved_programmable_network_manager:2.1.2:::::::*
	cpe:2.3:a:cisco:evolved_programmable_network_manager:2.1.2.2:::::::*
	cpe:2.3:a:cisco:evolved_programmable_network_manager:2.1.2.3:::::::*
	cpe:2.3:a:cisco:evolved_programmable_network_manager:2.1.3:::::::*
	cpe:2.3:a:cisco:evolved_programmable_network_manager:2.1.3.2:::::::*
	cpe:2.3:a:cisco:evolved_programmable_network_manager:2.1.3.3:::::::*
	cpe:2.3:a:cisco:evolved_programmable_network_manager:2.1.3.4:::::::*
	cpe:2.3:a:cisco:evolved_programmable_network_manager:2.1.3.5:::::::*
	cpe:2.3:a:cisco:evolved_programmable_network_manager:2.1.4:::::::*
	cpe:2.3:a:cisco:evolved_programmable_network_manager:2.2:::::::*
	cpe:2.3:a:cisco:evolved_programmable_network_manager:2.2.1:::::::*
	cpe:2.3:a:cisco:evolved_programmable_network_manager:2.2.1.1:::::::*
	cpe:2.3:a:cisco:evolved_programmable_network_manager:2.2.1.2:::::::*
	cpe:2.3:a:cisco:evolved_programmable_network_manager:2.2.1.3:::::::*
	cpe:2.3:a:cisco:evolved_programmable_network_manager:2.2.1.4:::::::*
	cpe:2.3:a:cisco:evolved_programmable_network_manager:2.2.3:::::::*
	cpe:2.3:a:cisco:evolved_programmable_network_manager:2.2.4:::::::*
	cpe:2.3:a:cisco:evolved_programmable_network_manager:2.2.5:::::::*
	cpe:2.3:a:cisco:evolved_programmable_network_manager:3.0:::::::*
	cpe:2.3:a:cisco:evolved_programmable_network_manager:3.0.1:::::::*
	cpe:2.3:a:cisco:evolved_programmable_network_manager:3.0.2:::::::*
	cpe:2.3:a:cisco:evolved_programmable_network_manager:3.0.3:::::::*
	cpe:2.3:a:cisco:evolved_programmable_network_manager:3.1:::::::*
	cpe:2.3:a:cisco:evolved_programmable_network_manager:3.1.1:::::::*
	cpe:2.3:a:cisco:evolved_programmable_network_manager:3.1.2:::::::*
	cpe:2.3:a:cisco:evolved_programmable_network_manager:3.1.3:::::::*
	cpe:2.3:a:cisco:evolved_programmable_network_manager:4.0:::::::*
	cpe:2.3:a:cisco:evolved_programmable_network_manager:4.0.1:::::::*
	cpe:2.3:a:cisco:evolved_programmable_network_manager:4.0.2:::::::*
	cpe:2.3:a:cisco:evolved_programmable_network_manager:4.0.3:::::::*
	cpe:2.3:a:cisco:evolved_programmable_network_manager:4.0.3.1:::::::*
	cpe:2.3:a:cisco:evolved_programmable_network_manager:4.1:::::::*
	cpe:2.3:a:cisco:evolved_programmable_network_manager:4.1.1:::::::*
	cpe:2.3:a:cisco:evolved_programmable_network_manager:4.1.1.1:::::::*
	cpe:2.3:a:cisco:evolved_programmable_network_manager:4.1.1.2:::::::*
	cpe:2.3:a:cisco:evolved_programmable_network_manager:5.0:::::::*
	cpe:2.3:a:cisco:evolved_programmable_network_manager:5.0.1:::::::*
	cpe:2.3:a:cisco:evolved_programmable_network_manager:5.0.2:::::::*
	cpe:2.3:a:cisco:evolved_programmable_network_manager:5.0.2.1:::::::*
cpe:2.3:a:cisco:evolved_programmable_network_manager:5.0.2.2:::::::*
cpe:2.3:a:cisco:evolved_programmable_network_manager:5.0.2.3:::::::*
cpe:2.3:a:cisco:evolved_programmable_network_manager:5.0.2.4:::::::*
cpe:2.3:a:cisco:evolved_programmable_network_manager:5.0.2.5:::::::*
cpe:2.3:a:cisco:evolved_programmable_network_manager:5.0.2.6:::::::*
cpe:2.3:a:cisco:evolved_programmable_network_manager:5.1:::::::*
cpe:2.3:a:cisco:evolved_programmable_network_manager:5.1.1:::::::*
cpe:2.3:a:cisco:evolved_programmable_network_manager:5.1.2:::::::*
cpe:2.3:a:cisco:evolved_programmable_network_manager:5.1.3:::::::*
cpe:2.3:a:cisco:evolved_programmable_network_manager:5.1.3.1:::::::*
cpe:2.3:a:cisco:evolved_programmable_network_manager:5.1.3.2:::::::*
cpe:2.3:a:cisco:evolved_programmable_network_manager:5.1.4:::::::*
cpe:2.3:a:cisco:evolved_programmable_network_manager:5.1.4.1:::::::*
cpe:2.3:a:cisco:evolved_programmable_network_manager:5.1.4.2:::::::*
cpe:2.3:a:cisco:evolved_programmable_network_manager:5.1.4.3:::::::*
cpe:2.3:a:cisco:evolved_programmable_network_manager:5.1.4.4:::::::*
cpe:2.3:a:cisco:evolved_programmable_network_manager:6.0.0:::::::*
cpe:2.3:a:cisco:evolved_programmable_network_manager:6.0.1:::::::*
cpe:2.3:a:cisco:evolved_programmable_network_manager:6.0.1.1:::::::*
cpe:2.3:a:cisco:evolved_programmable_network_manager:6.0.2:::::::*
cpe:2.3:a:cisco:evolved_programmable_network_manager:6.0.2.1:::::::*
cpe:2.3:a:cisco:evolved_programmable_network_manager:6.0.3:::::::*
cpe:2.3:a:cisco:evolved_programmable_network_manager:6.0.3.1:::::::*
cpe:2.3:a:cisco:evolved_programmable_network_manager:6.1:::::::*
cpe:2.3:a:cisco:evolved_programmable_network_manager:6.1.1:::::::*
cpe:2.3:a:cisco:evolved_programmable_network_manager:6.1.1.1:::::::*
cpe:2.3:a:cisco:evolved_programmable_network_manager:6.1.1.2.2:::::::*
cpe:2.3:a:cisco:evolved_programmable_network_manager:6.1.2:::::::*
cpe:2.3:a:cisco:evolved_programmable_network_manager:6.1.2.1:::::::*
cpe:2.3:a:cisco:evolved_programmable_network_manager:6.1.2.2:::::::*
cpe:2.3:a:cisco:evolved_programmable_network_manager:6.1.2.3:::::::*
cpe:2.3:a:cisco:evolved_programmable_network_manager:7.0.0:::::::*
cpe:2.3:a:cisco:evolved_programmable_network_manager:7.0.1:::::::*
cpe:2.3:a:cisco:evolved_programmable_network_manager:7.0.1.1:::::::*
cpe:2.3:a:cisco:evolved_programmable_network_manager:7.0.1.2:::::::*
cpe:2.3:a:cisco:evolved_programmable_network_manager:7.0.1.3:::::::*
cpe:2.3:a:cisco:evolved_programmable_network_manager:7.1.0:::::::*
cpe:2.3:a:cisco:evolved_programmable_network_manager:7.1.1:::::::*
cpe:2.3:a:cisco:evolved_programmable_network_manager:7.1.2:::::::*
cpe:2.3:a:cisco:evolved_programmable_network_manager:7.1.2.1:::::::*
cpe:2.3:a:cisco:evolved_programmable_network_manager:7.1.3:::::::*
cpe:2.3:a:cisco:evolved_programmable_network_manager:7.1.3.1:::::::*
cpe:2.3:a:cisco:evolved_programmable_network_manager:7.1.4:::::::*
cpe:2.3:a:cisco:evolved_programmable_network_manager:8.0.0:::::::*
cpe:2.3:a:cisco:evolved_programmable_network_manager:8.0.0.1:::::::*
cpe:2.3:a:cisco:evolved_programmable_network_manager:8.1.0:::::::*

No data.

Vendor	Product	Confidence	Versions
Cisco	Evolved Programmable Network Manager	—	—
Cisco	Prime Infrastructure	—	—

Found an issue or want to improve our Enrichment? You can suggest it directly by opening an issue on our dedicated GitHub repository .

Remediation

No remediation available yet.

Tracking

Sign in to view the affected projects.

Advisories

Source	ID	Title
EUVD	EUVD-2025-21713	A vulnerability in a subset of REST APIs of Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager (EPNM) could allow an authenticated, low-privileged, remote attacker to conduct a blind SQL injection attack. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending a crafted request to an affected API. A successful exploit could allow the attacker to view data in some database tables on an affected device.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact Low

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00063.

Exploitation none

Automatable no

Technical Impact partial

References

Link	Providers
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-piepnm-bsi-25JJqsbb

History

Thu, 31 Jul 2025 15:30:00 +0000

Type	Values Removed	Values Added
CPEs		cpe:2.3:a:cisco:evolved_programmable_network_manager:1.1:::::::* cpe:2.3:a:cisco:evolved_programmable_network_manager:1.2.1.2:::::::* cpe:2.3:a:cisco:evolved_programmable_network_manager:1.2.2.4:::::::* cpe:2.3:a:cisco:evolved_programmable_network_manager:1.2.2:::::::* cpe:2.3:a:cisco:evolved_programmable_network_manager:1.2.3:::::::* cpe:2.3:a:cisco:evolved_programmable_network_manager:1.2.4.2:::::::* cpe:2.3:a:cisco:evolved_programmable_network_manager:1.2.4:::::::* cpe:2.3:a:cisco:evolved_programmable_network_manager:1.2.5:::::::* cpe:2.3:a:cisco:evolved_programmable_network_manager:1.2.6:::::::* cpe:2.3:a:cisco:evolved_programmable_network_manager:1.2.7:::::::* cpe:2.3:a:cisco:evolved_programmable_network_manager:1.2:::::::* cpe:2.3:a:cisco:evolved_programmable_network_manager:2.0.1.1:::::::* cpe:2.3:a:cisco:evolved_programmable_network_manager:2.0.1:::::::* cpe:2.3:a:cisco:evolved_programmable_network_manager:2.0.2.1:::::::* cpe:2.3:a:cisco:evolved_programmable_network_manager:2.0.2:::::::* cpe:2.3:a:cisco:evolved_programmable_network_manager:2.0.3:::::::* cpe:2.3:a:cisco:evolved_programmable_network_manager:2.0.4.1:::::::* cpe:2.3:a:cisco:evolved_programmable_network_manager:2.0.4.2:::::::* cpe:2.3:a:cisco:evolved_programmable_network_manager:2.0.4:::::::* cpe:2.3:a:cisco:evolved_programmable_network_manager:2.0:::::::* cpe:2.3:a:cisco:evolved_programmable_network_manager:2.1.1.1:::::::* cpe:2.3:a:cisco:evolved_programmable_network_manager:2.1.1.3:::::::* cpe:2.3:a:cisco:evolved_programmable_network_manager:2.1.1.4:::::::* cpe:2.3:a:cisco:evolved_programmable_network_manager:2.1.1:::::::* cpe:2.3:a:cisco:evolved_programmable_network_manager:2.1.2.2:::::::* cpe:2.3:a:cisco:evolved_programmable_network_manager:2.1.2.3:::::::* cpe:2.3:a:cisco:evolved_programmable_network_manager:2.1.2:::::::* cpe:2.3:a:cisco:evolved_programmable_network_manager:2.1.3.2:::::::* cpe:2.3:a:cisco:evolved_programmable_network_manager:2.1.3.3:::::::* cpe:2.3:a:cisco:evolved_programmable_network_manager:2.1.3.4:::::::* cpe:2.3:a:cisco:evolved_programmable_network_manager:2.1.3.5:::::::* cpe:2.3:a:cisco:evolved_programmable_network_manager:2.1.3:::::::* cpe:2.3:a:cisco:evolved_programmable_network_manager:2.1.4:::::::* cpe:2.3:a:cisco:evolved_programmable_network_manager:2.1:::::::* cpe:2.3:a:cisco:evolved_programmable_network_manager:2.2.1.1:::::::* cpe:2.3:a:cisco:evolved_programmable_network_manager:2.2.1.2:::::::* cpe:2.3:a:cisco:evolved_programmable_network_manager:2.2.1.3:::::::* cpe:2.3:a:cisco:evolved_programmable_network_manager:2.2.1.4:::::::* cpe:2.3:a:cisco:evolved_programmable_network_manager:2.2.1:::::::* cpe:2.3:a:cisco:evolved_programmable_network_manager:2.2.3:::::::* cpe:2.3:a:cisco:evolved_programmable_network_manager:2.2.4:::::::* cpe:2.3:a:cisco:evolved_programmable_network_manager:2.2.5:::::::* cpe:2.3:a:cisco:evolved_programmable_network_manager:2.2:::::::* cpe:2.3:a:cisco:evolved_programmable_network_manager:3.0.1:::::::* cpe:2.3:a:cisco:evolved_programmable_network_manager:3.0.2:::::::* cpe:2.3:a:cisco:evolved_programmable_network_manager:3.0.3:::::::* cpe:2.3:a:cisco:evolved_programmable_network_manager:3.0:::::::* cpe:2.3:a:cisco:evolved_programmable_network_manager:3.1.1:::::::* cpe:2.3:a:cisco:evolved_programmable_network_manager:3.1.2:::::::* cpe:2.3:a:cisco:evolved_programmable_network_manager:3.1.3:::::::* cpe:2.3:a:cisco:evolved_programmable_network_manager:3.1:::::::* cpe:2.3:a:cisco:evolved_programmable_network_manager:4.0.1:::::::* cpe:2.3:a:cisco:evolved_programmable_network_manager:4.0.2:::::::* cpe:2.3:a:cisco:evolved_programmable_network_manager:4.0.3.1:::::::* cpe:2.3:a:cisco:evolved_programmable_network_manager:4.0.3:::::::* cpe:2.3:a:cisco:evolved_programmable_network_manager:4.0:::::::* cpe:2.3:a:cisco:evolved_programmable_network_manager:4.1.1.1:::::::* cpe:2.3:a:cisco:evolved_programmable_network_manager:4.1.1.2:::::::* cpe:2.3:a:cisco:evolved_programmable_network_manager:4.1.1:::::::* cpe:2.3:a:cisco:evolved_programmable_network_manager:4.1:::::::* cpe:2.3:a:cisco:evolved_programmable_network_manager:5.0.1:::::::* cpe:2.3:a:cisco:evolved_programmable_network_manager:5.0.2.1:::::::* cpe:2.3:a:cisco:evolved_programmable_network_manager:5.0.2.2:::::::* cpe:2.3:a:cisco:evolved_programmable_network_manager:5.0.2.3:::::::* cpe:2.3:a:cisco:evolved_programmable_network_manager:5.0.2.4:::::::* cpe:2.3:a:cisco:evolved_programmable_network_manager:5.0.2.5:::::::* cpe:2.3:a:cisco:evolved_programmable_network_manager:5.0.2.6:::::::* cpe:2.3:a:cisco:evolved_programmable_network_manager:5.0.2:::::::* cpe:2.3:a:cisco:evolved_programmable_network_manager:5.0:::::::* cpe:2.3:a:cisco:evolved_programmable_network_manager:5.1.1:::::::* cpe:2.3:a:cisco:evolved_programmable_network_manager:5.1.2:::::::* cpe:2.3:a:cisco:evolved_programmable_network_manager:5.1.3.1:::::::* cpe:2.3:a:cisco:evolved_programmable_network_manager:5.1.3.2:::::::* cpe:2.3:a:cisco:evolved_programmable_network_manager:5.1.3:::::::* cpe:2.3:a:cisco:evolved_programmable_network_manager:5.1.4.1:::::::* cpe:2.3:a:cisco:evolved_programmable_network_manager:5.1.4.2:::::::* cpe:2.3:a:cisco:evolved_programmable_network_manager:5.1.4.3:::::::* cpe:2.3:a:cisco:evolved_programmable_network_manager:5.1.4.4:::::::* cpe:2.3:a:cisco:evolved_programmable_network_manager:5.1.4:::::::* cpe:2.3:a:cisco:evolved_programmable_network_manager:5.1:::::::* cpe:2.3:a:cisco:evolved_programmable_network_manager:6.0.0:::::::* cpe:2.3:a:cisco:evolved_programmable_network_manager:6.0.1.1:::::::* cpe:2.3:a:cisco:evolved_programmable_network_manager:6.0.1:::::::* cpe:2.3:a:cisco:evolved_programmable_network_manager:6.0.2.1:::::::* cpe:2.3:a:cisco:evolved_programmable_network_manager:6.0.2:::::::* cpe:2.3:a:cisco:evolved_programmable_network_manager:6.0.3.1:::::::* cpe:2.3:a:cisco:evolved_programmable_network_manager:6.0.3:::::::* cpe:2.3:a:cisco:evolved_programmable_network_manager:6.1.1.1:::::::* cpe:2.3:a:cisco:evolved_programmable_network_manager:6.1.1.2.2:::::::* cpe:2.3:a:cisco:evolved_programmable_network_manager:6.1.1:::::::* cpe:2.3:a:cisco:evolved_programmable_network_manager:6.1.2.1:::::::* cpe:2.3:a:cisco:evolved_programmable_network_manager:6.1.2.2:::::::* cpe:2.3:a:cisco:evolved_programmable_network_manager:6.1.2.3:::::::* cpe:2.3:a:cisco:evolved_programmable_network_manager:6.1.2:::::::* cpe:2.3:a:cisco:evolved_programmable_network_manager:6.1:::::::* cpe:2.3:a:cisco:evolved_programmable_network_manager:7.0.0:::::::* cpe:2.3:a:cisco:evolved_programmable_network_manager:7.0.1.1:::::::* cpe:2.3:a:cisco:evolved_programmable_network_manager:7.0.1.2:::::::* cpe:2.3:a:cisco:evolved_programmable_network_manager:7.0.1.3:::::::* cpe:2.3:a:cisco:evolved_programmable_network_manager:7.0.1:::::::* cpe:2.3:a:cisco:evolved_programmable_network_manager:7.1.0:::::::* cpe:2.3:a:cisco:evolved_programmable_network_manager:7.1.1:::::::* cpe:2.3:a:cisco:evolved_programmable_network_manager:7.1.2.1:::::::* cpe:2.3:a:cisco:evolved_programmable_network_manager:7.1.2:::::::* cpe:2.3:a:cisco:evolved_programmable_network_manager:7.1.3.1:::::::* cpe:2.3:a:cisco:evolved_programmable_network_manager:7.1.3:::::::* cpe:2.3:a:cisco:evolved_programmable_network_manager:7.1.4:::::::* cpe:2.3:a:cisco:evolved_programmable_network_manager:8.0.0.1:::::::* cpe:2.3:a:cisco:evolved_programmable_network_manager:8.0.0:::::::* cpe:2.3:a:cisco:evolved_programmable_network_manager:8.1.0:::::::* cpe:2.3:a:cisco:prime_infrastructure:2.0.0:::::::* cpe:2.3:a:cisco:prime_infrastructure:2.0.10:::::::* cpe:2.3:a:cisco:prime_infrastructure:2.0.39:::::::* cpe:2.3:a:cisco:prime_infrastructure:2.1.0:::::::* cpe:2.3:a:cisco:prime_infrastructure:2.1.1:::::::* cpe:2.3:a:cisco:prime_infrastructure:2.1.2:::::::* cpe:2.3:a:cisco:prime_infrastructure:2.1.56:::::::* cpe:2.3:a:cisco:prime_infrastructure:2.1:::::::* cpe:2.3:a:cisco:prime_infrastructure:2.2.0:::::::* cpe:2.3:a:cisco:prime_infrastructure:2.2.10:::::::* cpe:2.3:a:cisco:prime_infrastructure:2.2.1:-:::::: cpe:2.3:a:cisco:prime_infrastructure:2.2.1:update01:::::: cpe:2.3:a:cisco:prime_infrastructure:2.2.2:-:::::: cpe:2.3:a:cisco:prime_infrastructure:2.2.2:update03:::::: cpe:2.3:a:cisco:prime_infrastructure:2.2.2:update04:::::: cpe:2.3:a:cisco:prime_infrastructure:2.2.3:-:::::: cpe:2.3:a:cisco:prime_infrastructure:2.2.3:update02:::::: cpe:2.3:a:cisco:prime_infrastructure:2.2.3:update03:::::: cpe:2.3:a:cisco:prime_infrastructure:2.2.3:update04:::::: cpe:2.3:a:cisco:prime_infrastructure:2.2.3:update05:::::: cpe:2.3:a:cisco:prime_infrastructure:2.2.3:update06:::::: cpe:2.3:a:cisco:prime_infrastructure:2.2.4:::::::* cpe:2.3:a:cisco:prime_infrastructure:2.2.5:::::::* cpe:2.3:a:cisco:prime_infrastructure:2.2.7:::::::* cpe:2.3:a:cisco:prime_infrastructure:2.2.8:::::::* cpe:2.3:a:cisco:prime_infrastructure:2.2.9:::::::* cpe:2.3:a:cisco:prime_infrastructure:2.2:::::::* cpe:2.3:a:cisco:prime_infrastructure:3.0.0:::::::* cpe:2.3:a:cisco:prime_infrastructure:3.0.1:::::::* cpe:2.3:a:cisco:prime_infrastructure:3.0.2:::::::* cpe:2.3:a:cisco:prime_infrastructure:3.0.3:::::::* cpe:2.3:a:cisco:prime_infrastructure:3.0.4:::::::* cpe:2.3:a:cisco:prime_infrastructure:3.0.5:::::::* cpe:2.3:a:cisco:prime_infrastructure:3.0.6:::::::* cpe:2.3:a:cisco:prime_infrastructure:3.0.7:::::::* cpe:2.3:a:cisco:prime_infrastructure:3.1.0:::::::* cpe:2.3:a:cisco:prime_infrastructure:3.1.1:::::::* cpe:2.3:a:cisco:prime_infrastructure:3.1.2:::::::* cpe:2.3:a:cisco:prime_infrastructure:3.1.3:::::::* cpe:2.3:a:cisco:prime_infrastructure:3.1.4:::::::* cpe:2.3:a:cisco:prime_infrastructure:3.1.5:::::::* cpe:2.3:a:cisco:prime_infrastructure:3.1.6:::::::* cpe:2.3:a:cisco:prime_infrastructure:3.1.7:::::::* cpe:2.3:a:cisco:prime_infrastructure:3.10.0:::::::* cpe:2.3:a:cisco:prime_infrastructure:3.10.1:::::::* cpe:2.3:a:cisco:prime_infrastructure:3.10.2:::::::* cpe:2.3:a:cisco:prime_infrastructure:3.10.3:::::::* cpe:2.3:a:cisco:prime_infrastructure:3.10.4:-:::::: cpe:2.3:a:cisco:prime_infrastructure:3.10.4:update01:::::: cpe:2.3:a:cisco:prime_infrastructure:3.10.4:update02:::::: cpe:2.3:a:cisco:prime_infrastructure:3.10.4:update03:::::: cpe:2.3:a:cisco:prime_infrastructure:3.10.5:::::::* cpe:2.3:a:cisco:prime_infrastructure:3.10.6:-:::::: cpe:2.3:a:cisco:prime_infrastructure:3.10.6:update01:::::: cpe:2.3:a:cisco:prime_infrastructure:3.10:-:::::: cpe:2.3:a:cisco:prime_infrastructure:3.10:device_pack1:::::: cpe:2.3:a:cisco:prime_infrastructure:3.10:update01:::::: cpe:2.3:a:cisco:prime_infrastructure:3.1:device_pack10:::::: cpe:2.3:a:cisco:prime_infrastructure:3.1:device_pack11:::::: cpe:2.3:a:cisco:prime_infrastructure:3.1:device_pack12:::::: cpe:2.3:a:cisco:prime_infrastructure:3.1:device_pack13:::::: cpe:2.3:a:cisco:prime_infrastructure:3.1:device_pack14:::::: cpe:2.3:a:cisco:prime_infrastructure:3.1:device_pack15:::::: cpe:2.3:a:cisco:prime_infrastructure:3.1:device_pack16:::::: cpe:2.3:a:cisco:prime_infrastructure:3.1:device_pack4:::::: cpe:2.3:a:cisco:prime_infrastructure:3.1:device_pack5:::::: cpe:2.3:a:cisco:prime_infrastructure:3.1:device_pack6:::::: cpe:2.3:a:cisco:prime_infrastructure:3.1:device_pack7:::::: cpe:2.3:a:cisco:prime_infrastructure:3.1:device_pack8:::::: cpe:2.3:a:cisco:prime_infrastructure:3.1:device_pack9:::::: cpe:2.3:a:cisco:prime_infrastructure:3.2.0-fips:::::::* cpe:2.3:a:cisco:prime_infrastructure:3.2.1:::::::* cpe:2.3:a:cisco:prime_infrastructure:3.2.2:::::::* cpe:2.3:a:cisco:prime_infrastructure:3.2:-:::::: cpe:2.3:a:cisco:prime_infrastructure:3.2:device_pack1:::::: cpe:2.3:a:cisco:prime_infrastructure:3.2:device_pack2:::::: cpe:2.3:a:cisco:prime_infrastructure:3.2:device_pack3:::::: cpe:2.3:a:cisco:prime_infrastructure:3.2:device_pack4:::::: cpe:2.3:a:cisco:prime_infrastructure:3.3.0:-:::::: cpe:2.3:a:cisco:prime_infrastructure:3.3.0:update01:::::: cpe:2.3:a:cisco:prime_infrastructure:3.3.1:::::::* cpe:2.3:a:cisco:prime_infrastructure:3.3:device_pack1:::::: cpe:2.3:a:cisco:prime_infrastructure:3.3:device_pack2:::::: cpe:2.3:a:cisco:prime_infrastructure:3.3:device_pack3:::::: cpe:2.3:a:cisco:prime_infrastructure:3.3:device_pack4:::::: cpe:2.3:a:cisco:prime_infrastructure:3.4.0:::::::* cpe:2.3:a:cisco:prime_infrastructure:3.4.1:-:::::: cpe:2.3:a:cisco:prime_infrastructure:3.4.1:update01:::::: cpe:2.3:a:cisco:prime_infrastructure:3.4.1:update02:::::: cpe:2.3:a:cisco:prime_infrastructure:3.4.2:-:::::: cpe:2.3:a:cisco:prime_infrastructure:3.4.2:update01:::::: cpe:2.3:a:cisco:prime_infrastructure:3.4:device_pack10:::::: cpe:2.3:a:cisco:prime_infrastructure:3.4:device_pack11:::::: cpe:2.3:a:cisco:prime_infrastructure:3.4:device_pack1:::::: cpe:2.3:a:cisco:prime_infrastructure:3.4:device_pack2:::::: cpe:2.3:a:cisco:prime_infrastructure:3.4:device_pack3:::::: cpe:2.3:a:cisco:prime_infrastructure:3.4:device_pack4:::::: cpe:2.3:a:cisco:prime_infrastructure:3.4:device_pack5:::::: cpe:2.3:a:cisco:prime_infrastructure:3.4:device_pack6:::::: cpe:2.3:a:cisco:prime_infrastructure:3.4:device_pack7:::::: cpe:2.3:a:cisco:prime_infrastructure:3.4:device_pack8:::::: cpe:2.3:a:cisco:prime_infrastructure:3.4:device_pack9:::::: cpe:2.3:a:cisco:prime_infrastructure:3.5.0:-:::::: cpe:2.3:a:cisco:prime_infrastructure:3.5.0:update01:::::: cpe:2.3:a:cisco:prime_infrastructure:3.5.0:update02:::::: cpe:2.3:a:cisco:prime_infrastructure:3.5.0:update03:::::: cpe:2.3:a:cisco:prime_infrastructure:3.5.1:-:::::: cpe:2.3:a:cisco:prime_infrastructure:3.5.1:update01:::::: cpe:2.3:a:cisco:prime_infrastructure:3.5.1:update02:::::: cpe:2.3:a:cisco:prime_infrastructure:3.5.1:update03:::::: cpe:2.3:a:cisco:prime_infrastructure:3.5:device_pack1:::::: cpe:2.3:a:cisco:prime_infrastructure:3.5:device_pack2:::::: cpe:2.3:a:cisco:prime_infrastructure:3.5:device_pack3:::::: cpe:2.3:a:cisco:prime_infrastructure:3.5:device_pack4:::::: cpe:2.3:a:cisco:prime_infrastructure:3.6.0:-:::::: cpe:2.3:a:cisco:prime_infrastructure:3.6.0:update01:::::: cpe:2.3:a:cisco:prime_infrastructure:3.6.0:update02:::::: cpe:2.3:a:cisco:prime_infrastructure:3.6.0:update03:::::: cpe:2.3:a:cisco:prime_infrastructure:3.6.0:update04:::::: cpe:2.3:a:cisco:prime_infrastructure:3.6:device_pack1:::::: cpe:2.3:a:cisco:prime_infrastructure:3.7.0:-:::::: cpe:2.3:a:cisco:prime_infrastructure:3.7.0:update03:::::: cpe:2.3:a:cisco:prime_infrastructure:3.7.1:-:::::: cpe:2.3:a:cisco:prime_infrastructure:3.7.1:update01:::::: cpe:2.3:a:cisco:prime_infrastructure:3.7.1:update02:::::: cpe:2.3:a:cisco:prime_infrastructure:3.7.1:update03:::::: cpe:2.3:a:cisco:prime_infrastructure:3.7.1:update04:::::: cpe:2.3:a:cisco:prime_infrastructure:3.7.1:update05:::::: cpe:2.3:a:cisco:prime_infrastructure:3.7.1:update06:::::: cpe:2.3:a:cisco:prime_infrastructure:3.7.1:update07:::::: cpe:2.3:a:cisco:prime_infrastructure:3.7:device_pack1:::::: cpe:2.3:a:cisco:prime_infrastructure:3.7:device_pack2:::::: cpe:2.3:a:cisco:prime_infrastructure:3.8.0:-:::::: cpe:2.3:a:cisco:prime_infrastructure:3.8.0:update01:::::: cpe:2.3:a:cisco:prime_infrastructure:3.8.0:update02:::::: cpe:2.3:a:cisco:prime_infrastructure:3.8.1:-:::::: cpe:2.3:a:cisco:prime_infrastructure:3.8.1:update01:::::: cpe:2.3:a:cisco:prime_infrastructure:3.8.1:update02:::::: cpe:2.3:a:cisco:prime_infrastructure:3.8.1:update03:::::: cpe:2.3:a:cisco:prime_infrastructure:3.8.1:update04:::::: cpe:2.3:a:cisco:prime_infrastructure:3.8:device_pack1:::::: cpe:2.3:a:cisco:prime_infrastructure:3.9.0:-:::::: cpe:2.3:a:cisco:prime_infrastructure:3.9.0:update01:::::: cpe:2.3:a:cisco:prime_infrastructure:3.9.1:-:::::: cpe:2.3:a:cisco:prime_infrastructure:3.9.1:update01:::::: cpe:2.3:a:cisco:prime_infrastructure:3.9.1:update02:::::: cpe:2.3:a:cisco:prime_infrastructure:3.9.1:update03:::::: cpe:2.3:a:cisco:prime_infrastructure:3.9.1:update04:::::: cpe:2.3:a:cisco:prime_infrastructure:3.9:device_pack1::::::

Fri, 18 Jul 2025 15:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Wed, 16 Jul 2025 16:30:00 +0000

Type	Values Removed	Values Added
Description		A vulnerability in a subset of REST APIs of Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager (EPNM) could allow an authenticated, low-privileged, remote attacker to conduct a blind SQL injection attack. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending a crafted request to an affected API. A successful exploit could allow the attacker to view data in some database tables on an affected device.
Title		Cisco Evolved Programmable Network Manager and Cisco Prime Infrastructure Blind SQL Injection Vulnerability
Weaknesses		CWE-89
References		https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-piepnm-bsi-25JJqsbb
Metrics		cvssV3_1 `{'score': 4.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N'}`

Subscriptions

Cisco Evolved Programmable Network Manager Prime Infrastructure

MITRE

Status: PUBLISHED

Assigner: cisco

Published: 2025-07-16T16:16:28.878Z

Updated: 2025-07-18T14:30:51.552Z

Reserved: 2024-10-10T19:15:13.245Z

Link: CVE-2025-20272

Vulnrichment

Updated: 2025-07-18T14:30:48.548Z

NVD

Status : Analyzed

Published: 2025-07-16T17:15:28.613

Modified: 2025-07-31T15:15:35.187

Link: CVE-2025-20272

Redhat

No data.

OpenCVE Enrichment

Updated: 2025-07-21T15:17:27Z

Weaknesses

CWE-89

Tracking

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact Low

Integrity Impact None

Availability Impact None

User Interaction None

Exploitation none

Automatable no

Technical Impact partial

Subscriptions

JSON object

JSON object

JSON object

JSON object

JSON object