Description
A vulnerability in the web-based management interface of Cisco Prime Infrastructure could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against users of the interface of an affected system.

This vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attacker could exploit this vulnerability by inserting malicious code into specific data fields in the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. To exploit this vulnerability, an attacker must have valid administrative credentials.
Published: 2026-02-04
Score: 4.8 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Stored XSS via authenticated input enabling arbitrary script execution in the management interface
Action: Assess Impact
AI Analysis

Impact

A stored cross‑site scripting flaw in Cisco Prime Infrastructure's web‑based management interface allows an attacker with administrative credentials to inject malicious scripts into specific data fields. When the stored data is later displayed to other users, the attacker‑supplied code executes in the users' browsers, potentially granting the attacker the ability to run arbitrary code or capture browser‑based information. The flaw arises from insufficient input validation and is classified as CWE‑79 and CWE‑798.

Affected Systems

Cisco Prime Infrastructure systems, including version 3.10.6 update01 and earlier releases, are susceptible to this vulnerability. The issue is present in the web interface across all supported configurations where users can input or edit data through the management portal.

Risk and Exploitability

The CVSS score of 4.8 indicates moderate severity. EPSS shows a likelihood of exploitation below 1%, and the vulnerability is not listed in the CISA KEV catalog. Exploitation requires the attacker to already possess valid administrative credentials to insert malicious data. Without privileged access, the vulnerability cannot be leveraged. Given the low EPSS and lack of public exploitation evidence, the risk is moderate but not critical.

Generated by OpenCVE AI on April 18, 2026 at 13:49 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Check Cisco's security advisories for updates or patches that address this XSS flaw.
  • Restrict web‑interface access to trusted administrators only and enforce least privilege.
  • Require strong, unique passwords for privileged accounts and conduct regular credential audits.

Generated by OpenCVE AI on April 18, 2026 at 13:49 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Tue, 10 Mar 2026 20:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-79
CPEs cpe:2.3:a:cisco:prime_infrastructure:*:*:*:*:*:*:*:*
cpe:2.3:a:cisco:prime_infrastructure:3.10.6:update01:*:*:*:*:*:*

Wed, 04 Feb 2026 21:30:00 +0000

Type Values Removed Values Added
First Time appeared Cisco
Cisco prime Infrastructure
Vendors & Products Cisco
Cisco prime Infrastructure

Wed, 04 Feb 2026 17:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Wed, 04 Feb 2026 16:30:00 +0000

Type Values Removed Values Added
Description A vulnerability in the web-based management interface of Cisco Prime Infrastructure could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against users of the interface of an affected system. This vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attacker could exploit this vulnerability by inserting malicious code into specific data fields in the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. To exploit this vulnerability, an attacker must have valid administrative credentials.
Title Cisco Prime Infrastructure Stored Cross-Site Scripting Vulnerability
Weaknesses CWE-798
References
Metrics cvssV3_1

{'score': 4.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N'}

Subscriptions

Cisco Prime Infrastructure
cve-icon MITRE

Status: PUBLISHED

Assigner: cisco

Published:

Updated: 2026-02-04T16:41:39.389Z

Reserved: 2025-10-08T11:59:15.374Z

Link: CVE-2026-20111

cve-icon Vulnrichment

Updated: 2026-02-04T16:41:36.728Z

cve-icon NVD

Status : Analyzed

Published: 2026-02-04T17:16:14.273

Modified: 2026-03-10T20:14:37.420

Link: CVE-2026-20111

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-18T14:00:02Z

Weaknesses