Description
A vulnerability in the web-based management interface of Cisco Evolved Programmable Network Manager (EPNM) and Cisco Prime Infrastructure could allow an unauthenticated, remote attacker to redirect a user to a malicious web page.

This vulnerability is due to improper input validation of the parameters in the HTTP request. An attacker could exploit this vulnerability by intercepting and modifying an HTTP request from a user. A successful exploit could allow the attacker to redirect the user to a malicious web page.
Published: 2026-02-04
Score: 4.3 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Open Redirect
Action: Patch ASAP
AI Analysis

Impact

The vulnerability in Cisco Evolved Programmable Network Manager and Cisco Prime Infrastructure stems from improper input validation of HTTP request parameters, which allows an unauthenticated attacker to redirect users to malicious web pages. This open‑redirect flaw could be used to launch phishing attacks or drive‑by download scenarios, potentially compromising user privacy or delivering malware. The underlying weakness is classified as CWE‑601.

Affected Systems

Affected products include Cisco Evolved Programmable Network Manager and Cisco Prime Infrastructure. For Prime Infrastructure, version 3.10.6:update01 is explicitly listed as affected; no specific EPNM version numbers are provided in the advisory.

Risk and Exploitability

The CVSS score of 4.3 rates this vulnerability as Medium severity. The EPSS score of less than 1% indicates a very low likelihood of exploitation, and the vulnerability is not listed in the CISA KEV catalog. An attacker can exploit the flaw by intercepting or modifying HTTP requests directed to the management interface; the attack does not require authentication or elevated privileges, though the CVSS vector (UI:R) shows that it depends on user interaction. Because the exploit works by manipulating a user's request, any user who interacts with the vulnerable interface could be redirected, but no direct data loss or code execution is reported.

Generated by OpenCVE AI on April 17, 2026 at 23:28 UTC.

Remediation

No vendor fix or workaround is currently provided.

OpenCVE Recommended Actions

  • Upgrade Cisco EPNM and Prime Infrastructure to the latest versions that address the open‑redirect issue, as specified in Cisco’s security advisory.
  • If an upgrade cannot be performed immediately, block or sanitize the vulnerable URL parameters by placing a web proxy or firewall in front of the management interface to prevent external manipulation of requests.
  • Enable HSTS and enforce HTTPS on the management web interface to reduce the risk of man‑in‑the‑middle interception of request parameters.
  • Monitor access logs for unexpected redirects and run automated web‑application scans to confirm the vulnerability has been eliminated.

Advisories

No advisories yet.

History

Tue, 10 Mar 2026 20:15:00 +0000

Type Values Removed Values Added
CPEs cpe:2.3:a:cisco:evolved_programmable_network_manager:*:*:*:*:*:*:*:*
cpe:2.3:a:cisco:prime_infrastructure:*:*:*:*:*:*:*:*
cpe:2.3:a:cisco:prime_infrastructure:3.10.6:update01:*:*:*:*:*:*

Wed, 04 Feb 2026 21:30:00 +0000

Type Values Removed Values Added
First Time appeared Cisco
Cisco evolved Programmable Network Manager
Cisco prime Infrastructure
Vendors & Products Cisco
Cisco evolved Programmable Network Manager
Cisco prime Infrastructure

Wed, 04 Feb 2026 17:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Wed, 04 Feb 2026 16:30:00 +0000

Type Values Removed Values Added
Description A vulnerability in the web-based management interface of Cisco Evolved Programmable Network Manager (EPNM) and Cisco Prime Infrastructure could allow an unauthenticated, remote attacker to redirect a user to a malicious web page. This vulnerability is due to improper input validation of the parameters in the HTTP request. An attacker could exploit this vulnerability by intercepting and modifying an HTTP request from a user. A successful exploit could allow the attacker to redirect the user to a malicious web page.
Title Cisco Prime Infrastructure and Evolved Programmable Network Manager Open Redirect Vulnerability
Weaknesses CWE-601
References
Metrics cvssV3_1

{'score': 4.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N'}


MITRE

Status: PUBLISHED

Assigner: cisco

Published:

Updated: 2026-02-04T16:40:42.923Z

Reserved: 2025-10-08T11:59:15.377Z

Link: CVE-2026-20123

Vulnrichment

Updated: 2026-02-04T16:40:40.544Z

NVD

Status : Analyzed

Published: 2026-02-04T17:16:14.627

Modified: 2026-03-10T20:13:47.623

Link: CVE-2026-20123

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-17T23:30:15Z

Weaknesses