CVE-2023-20271

MEDIUM6.5Injection

Description

A vulnerability in the web-based management interface of Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager (EPNM) could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system. This vulnerability is due to improper validation of user-submitted parameters. An attacker could exploit this vulnerability by authenticating to the application and sending malicious requests to an affected system. A successful exploit could allow the attacker to obtain and modify sensitive information that is stored in the underlying database.

CVSS breakdown

CVSS 3.1

Attack Vector

Network

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

None

Availability

None

Affected products

Cisco / Cisco Evolved Programmable Network Manager (EPNM)1.2.6 – 1.2.6
Cisco / Cisco Evolved Programmable Network Manager (EPNM)1.2.2 – 1.2.2
Cisco / Cisco Evolved Programmable Network Manager (EPNM)1.2.3 – 1.2.3
Cisco / Cisco Evolved Programmable Network Manager (EPNM)1.2.5 – 1.2.5
Cisco / Cisco Evolved Programmable Network Manager (EPNM)1.2.1.2 – 1.2.1.2
Cisco / Cisco Evolved Programmable Network Manager (EPNM)1.2.4 – 1.2.4
Cisco / Cisco Evolved Programmable Network Manager (EPNM)1.2.7 – 1.2.7
Cisco / Cisco Evolved Programmable Network Manager (EPNM)1.2 – 1.2
Cisco / Cisco Evolved Programmable Network Manager (EPNM)1.2.2.4 – 1.2.2.4
Cisco / Cisco Evolved Programmable Network Manager (EPNM)1.2.4.2 – 1.2.4.2
Cisco / Cisco Evolved Programmable Network Manager (EPNM)2.0.2 – 2.0.2
Cisco / Cisco Evolved Programmable Network Manager (EPNM)2.0.4 – 2.0.4
Cisco / Cisco Evolved Programmable Network Manager (EPNM)2.0.3 – 2.0.3
Cisco / Cisco Evolved Programmable Network Manager (EPNM)2.0.1 – 2.0.1
Cisco / Cisco Evolved Programmable Network Manager (EPNM)2.0 – 2.0
Cisco / Cisco Evolved Programmable Network Manager (EPNM)2.0.1.1 – 2.0.1.1
Cisco / Cisco Evolved Programmable Network Manager (EPNM)2.0.2.1 – 2.0.2.1
Cisco / Cisco Evolved Programmable Network Manager (EPNM)2.0.4.1 – 2.0.4.1
Cisco / Cisco Evolved Programmable Network Manager (EPNM)2.0.4.2 – 2.0.4.2
Cisco / Cisco Evolved Programmable Network Manager (EPNM)2.1.2 – 2.1.2
Cisco / Cisco Evolved Programmable Network Manager (EPNM)2.1.3 – 2.1.3
Cisco / Cisco Evolved Programmable Network Manager (EPNM)2.1.1 – 2.1.1
Cisco / Cisco Evolved Programmable Network Manager (EPNM)2.1 – 2.1
Cisco / Cisco Evolved Programmable Network Manager (EPNM)2.1.1.1 – 2.1.1.1
Cisco / Cisco Evolved Programmable Network Manager (EPNM)2.1.1.3 – 2.1.1.3
Cisco / Cisco Evolved Programmable Network Manager (EPNM)2.1.1.4 – 2.1.1.4
Cisco / Cisco Evolved Programmable Network Manager (EPNM)2.1.2.2 – 2.1.2.2
Cisco / Cisco Evolved Programmable Network Manager (EPNM)2.1.2.3 – 2.1.2.3
Cisco / Cisco Evolved Programmable Network Manager (EPNM)2.1.3.2 – 2.1.3.2
Cisco / Cisco Evolved Programmable Network Manager (EPNM)2.1.3.3 – 2.1.3.3
Cisco / Cisco Evolved Programmable Network Manager (EPNM)2.1.3.4 – 2.1.3.4
Cisco / Cisco Evolved Programmable Network Manager (EPNM)2.1.3.5 – 2.1.3.5
Cisco / Cisco Evolved Programmable Network Manager (EPNM)2.1.4 – 2.1.4
Cisco / Cisco Evolved Programmable Network Manager (EPNM)2.2.1 – 2.2.1
Cisco / Cisco Evolved Programmable Network Manager (EPNM)2.2 – 2.2
Cisco / Cisco Evolved Programmable Network Manager (EPNM)2.2.1.1 – 2.2.1.1
Cisco / Cisco Evolved Programmable Network Manager (EPNM)2.2.1.2 – 2.2.1.2
Cisco / Cisco Evolved Programmable Network Manager (EPNM)2.2.1.3 – 2.2.1.3
Cisco / Cisco Evolved Programmable Network Manager (EPNM)2.2.1.4 – 2.2.1.4
Cisco / Cisco Evolved Programmable Network Manager (EPNM)2.2.3 – 2.2.3
Cisco / Cisco Evolved Programmable Network Manager (EPNM)2.2.4 – 2.2.4
Cisco / Cisco Evolved Programmable Network Manager (EPNM)2.2.5 – 2.2.5
Cisco / Cisco Evolved Programmable Network Manager (EPNM)3.0.1 – 3.0.1
Cisco / Cisco Evolved Programmable Network Manager (EPNM)3.0.2 – 3.0.2
Cisco / Cisco Evolved Programmable Network Manager (EPNM)3.0.3 – 3.0.3
Cisco / Cisco Evolved Programmable Network Manager (EPNM)3.0 – 3.0
Cisco / Cisco Evolved Programmable Network Manager (EPNM)3.1.1 – 3.1.1
Cisco / Cisco Evolved Programmable Network Manager (EPNM)3.1.2 – 3.1.2
Cisco / Cisco Evolved Programmable Network Manager (EPNM)3.1.3 – 3.1.3
Cisco / Cisco Evolved Programmable Network Manager (EPNM)3.1 – 3.1
Cisco / Cisco Evolved Programmable Network Manager (EPNM)4.1.1 – 4.1.1
Cisco / Cisco Evolved Programmable Network Manager (EPNM)4.1 – 4.1
Cisco / Cisco Evolved Programmable Network Manager (EPNM)4.1.1.1 – 4.1.1.1
Cisco / Cisco Evolved Programmable Network Manager (EPNM)4.1.1.2 – 4.1.1.2
Cisco / Cisco Evolved Programmable Network Manager (EPNM)4.0.3 – 4.0.3
Cisco / Cisco Evolved Programmable Network Manager (EPNM)4.0.1 – 4.0.1
Cisco / Cisco Evolved Programmable Network Manager (EPNM)4.0.2 – 4.0.2
Cisco / Cisco Evolved Programmable Network Manager (EPNM)4.0 – 4.0
Cisco / Cisco Evolved Programmable Network Manager (EPNM)4.0.3.1 – 4.0.3.1
Cisco / Cisco Evolved Programmable Network Manager (EPNM)5.0.1 – 5.0.1
Cisco / Cisco Evolved Programmable Network Manager (EPNM)5.0.2 – 5.0.2
Cisco / Cisco Evolved Programmable Network Manager (EPNM)5.0.2.5 – 5.0.2.5
Cisco / Cisco Evolved Programmable Network Manager (EPNM)5.0.2.3 – 5.0.2.3
Cisco / Cisco Evolved Programmable Network Manager (EPNM)5.0.2.4 – 5.0.2.4
Cisco / Cisco Evolved Programmable Network Manager (EPNM)5.0.2.1 – 5.0.2.1
Cisco / Cisco Evolved Programmable Network Manager (EPNM)5.0.2.2 – 5.0.2.2
Cisco / Cisco Evolved Programmable Network Manager (EPNM)5.0 – 5.0
Cisco / Cisco Evolved Programmable Network Manager (EPNM)5.0.2.6 – 5.0.2.6
Cisco / Cisco Evolved Programmable Network Manager (EPNM)5.1.1 – 5.1.1
Cisco / Cisco Evolved Programmable Network Manager (EPNM)5.1.2 – 5.1.2
Cisco / Cisco Evolved Programmable Network Manager (EPNM)5.1.3 – 5.1.3
Cisco / Cisco Evolved Programmable Network Manager (EPNM)5.1.4 – 5.1.4
Cisco / Cisco Evolved Programmable Network Manager (EPNM)5.1.4.2 – 5.1.4.2
Cisco / Cisco Evolved Programmable Network Manager (EPNM)5.1.4.1 – 5.1.4.1
Cisco / Cisco Evolved Programmable Network Manager (EPNM)5.1.4.3 – 5.1.4.3
Cisco / Cisco Evolved Programmable Network Manager (EPNM)5.1 – 5.1
Cisco / Cisco Evolved Programmable Network Manager (EPNM)5.1.3.1 – 5.1.3.1
Cisco / Cisco Evolved Programmable Network Manager (EPNM)5.1.3.2 – 5.1.3.2
Cisco / Cisco Evolved Programmable Network Manager (EPNM)5.1.4.4 – 5.1.4.4
Cisco / Cisco Evolved Programmable Network Manager (EPNM)7.0.0 – 7.0.0
Cisco / Cisco Evolved Programmable Network Manager (EPNM)6.0.0 – 6.0.0
Cisco / Cisco Evolved Programmable Network Manager (EPNM)6.0.2 – 6.0.2
Cisco / Cisco Evolved Programmable Network Manager (EPNM)6.0.1 – 6.0.1
Cisco / Cisco Evolved Programmable Network Manager (EPNM)6.0.2.1 – 6.0.2.1
Cisco / Cisco Evolved Programmable Network Manager (EPNM)6.0.1.1 – 6.0.1.1
Cisco / Cisco Evolved Programmable Network Manager (EPNM)6.0.3 – 6.0.3
Cisco / Cisco Evolved Programmable Network Manager (EPNM)6.0.3.1 – 6.0.3.1
Cisco / Cisco Evolved Programmable Network Manager (EPNM)6.1.1 – 6.1.1
Cisco / Cisco Evolved Programmable Network Manager (EPNM)6.1.1.1 – 6.1.1.1
Cisco / Cisco Evolved Programmable Network Manager (EPNM)6.1 – 6.1
Cisco / Cisco Evolved Programmable Network Manager (EPNM)6.1.2 – 6.1.2
Cisco / Cisco Evolved Programmable Network Manager (EPNM)6.1.1.2.2 – 6.1.1.2.2
Cisco / Cisco Prime Infrastructure3.1_DP9 – 3.1_DP9
Cisco / Cisco Prime Infrastructure3.4_DP6 – 3.4_DP6
Cisco / Cisco Prime Infrastructure3.2_DP3 – 3.2_DP3
Cisco / Cisco Prime Infrastructure3.4_DP9 – 3.4_DP9
Cisco / Cisco Prime Infrastructure3.3_DP2 – 3.3_DP2
Cisco / Cisco Prime Infrastructure3.2_DP1 – 3.2_DP1
Cisco / Cisco Prime Infrastructure3.1_DP10 – 3.1_DP10
Cisco / Cisco Prime Infrastructure3.9_DP1 – 3.9_DP1
Cisco / Cisco Prime Infrastructure3.3_DP1 – 3.3_DP1
Cisco / Cisco Prime Infrastructure3.1_DP13 – 3.1_DP13
Cisco / Cisco Prime Infrastructure3.5_DP2 – 3.5_DP2
Cisco / Cisco Prime Infrastructure3.1_DP12 – 3.1_DP12
Cisco / Cisco Prime Infrastructure3.1_DP4 – 3.1_DP4
Cisco / Cisco Prime Infrastructure3.5_DP3 – 3.5_DP3
Cisco / Cisco Prime Infrastructure3.1_DP8 – 3.1_DP8
Cisco / Cisco Prime Infrastructure3.1_DP7 – 3.1_DP7
Cisco / Cisco Prime Infrastructure3.2_DP4 – 3.2_DP4
Cisco / Cisco Prime Infrastructure3.1_DP11 – 3.1_DP11
Cisco / Cisco Prime Infrastructure3.1_DP5 – 3.1_DP5
Cisco / Cisco Prime Infrastructure3.7.0 – 3.7.0
Cisco / Cisco Prime Infrastructure3.7.1 – 3.7.1
Cisco / Cisco Prime Infrastructure3.7.1 Update 04 – 3.7.1 Update 04
Cisco / Cisco Prime Infrastructure3.7.1 Update 06 – 3.7.1 Update 06
Cisco / Cisco Prime Infrastructure3.7.1 Update 07 – 3.7.1 Update 07
Cisco / Cisco Prime Infrastructure3.7.1 Update 03 – 3.7.1 Update 03
Cisco / Cisco Prime Infrastructure3.3.0 – 3.3.0
Cisco / Cisco Prime Infrastructure3.7.1 Update 01 – 3.7.1 Update 01
Cisco / Cisco Prime Infrastructure3.7.1 Update 02 – 3.7.1 Update 02
Cisco / Cisco Prime Infrastructure3.7.1 Update 05 – 3.7.1 Update 05
Cisco / Cisco Prime Infrastructure3.8.0 – 3.8.0
Cisco / Cisco Prime Infrastructure3.8.1 – 3.8.1
Cisco / Cisco Prime Infrastructure3.8.1 Update 02 – 3.8.1 Update 02
Cisco / Cisco Prime Infrastructure3.8.1 Update 04 – 3.8.1 Update 04
Cisco / Cisco Prime Infrastructure3.8.1 Update 01 – 3.8.1 Update 01
Cisco / Cisco Prime Infrastructure3.8.1 Update 03 – 3.8.1 Update 03
Cisco / Cisco Prime Infrastructure3.8.0 Update 01 – 3.8.0 Update 01
Cisco / Cisco Prime Infrastructure3.8.0 Update 02 – 3.8.0 Update 02
Cisco / Cisco Prime Infrastructure3.9.0 – 3.9.0
Cisco / Cisco Prime Infrastructure3.9.1 – 3.9.1
Cisco / Cisco Prime Infrastructure3.9.1 Update 02 – 3.9.1 Update 02
Cisco / Cisco Prime Infrastructure3.9.1 Update 03 – 3.9.1 Update 03
Cisco / Cisco Prime Infrastructure3.9.1 Update 01 – 3.9.1 Update 01
Cisco / Cisco Prime Infrastructure3.9.1 Update 04 – 3.9.1 Update 04
Cisco / Cisco Prime Infrastructure3.9.0 Update 01 – 3.9.0 Update 01
Cisco / Cisco Prime Infrastructure3.10.0 – 3.10.0
Cisco / Cisco Prime Infrastructure3.10.3 – 3.10.3
Cisco / Cisco Prime Infrastructure3.10.1 – 3.10.1
Cisco / Cisco Prime Infrastructure3.10.2 – 3.10.2
Cisco / Cisco Prime Infrastructure3.10 Update 01 – 3.10 Update 01
Cisco / Cisco Prime Infrastructure3.10.4 – 3.10.4
Cisco / Cisco Prime Infrastructure3.10.4 Update 01 – 3.10.4 Update 01
Cisco / Cisco Prime Infrastructure3.7.0 Update 03 – 3.7.0 Update 03
Cisco / Cisco Prime Infrastructure2.0.0 – 2.0.0
Cisco / Cisco Prime Infrastructure2.0.10 – 2.0.10
Cisco / Cisco Prime Infrastructure2.0.39 – 2.0.39
Cisco / Cisco Prime Infrastructure2.1.0 – 2.1.0
Cisco / Cisco Prime Infrastructure2.1.1 – 2.1.1
Cisco / Cisco Prime Infrastructure2.1.2 – 2.1.2
Cisco / Cisco Prime Infrastructure2.1.56 – 2.1.56
Cisco / Cisco Prime Infrastructure2.2.0 – 2.2.0
Cisco / Cisco Prime Infrastructure2.2.1 – 2.2.1
Cisco / Cisco Prime Infrastructure2.2.2 – 2.2.2
Cisco / Cisco Prime Infrastructure2.2.3 – 2.2.3
Cisco / Cisco Prime Infrastructure2.2.10 – 2.2.10
Cisco / Cisco Prime Infrastructure2.2.8 – 2.2.8
Cisco / Cisco Prime Infrastructure2.2.4 – 2.2.4
Cisco / Cisco Prime Infrastructure2.2.7 – 2.2.7
Cisco / Cisco Prime Infrastructure2.2.5 – 2.2.5
Cisco / Cisco Prime Infrastructure2.2.9 – 2.2.9
Cisco / Cisco Prime Infrastructure2.2.1 Update 01 – 2.2.1 Update 01
Cisco / Cisco Prime Infrastructure2.2.2 Update 03 – 2.2.2 Update 03
Cisco / Cisco Prime Infrastructure2.2.2 Update 04 – 2.2.2 Update 04
Cisco / Cisco Prime Infrastructure2.2.3 Update 02 – 2.2.3 Update 02
Cisco / Cisco Prime Infrastructure2.2.3 Update 03 – 2.2.3 Update 03
Cisco / Cisco Prime Infrastructure2.2.3 Update 04 – 2.2.3 Update 04
Cisco / Cisco Prime Infrastructure2.2.3 Update 05 – 2.2.3 Update 05
Cisco / Cisco Prime Infrastructure2.2.3 Update 06 – 2.2.3 Update 06
Cisco / Cisco Prime Infrastructure3.0.0 – 3.0.0
Cisco / Cisco Prime Infrastructure3.0.1 – 3.0.1
Cisco / Cisco Prime Infrastructure3.0.2 – 3.0.2
Cisco / Cisco Prime Infrastructure3.0.3 – 3.0.3
Cisco / Cisco Prime Infrastructure3.0.4 – 3.0.4
Cisco / Cisco Prime Infrastructure3.0.6 – 3.0.6
Cisco / Cisco Prime Infrastructure3.0.5 – 3.0.5
Cisco / Cisco Prime Infrastructure3.0.7 – 3.0.7
Cisco / Cisco Prime Infrastructure3.1.0 – 3.1.0
Cisco / Cisco Prime Infrastructure3.1.1 – 3.1.1
Cisco / Cisco Prime Infrastructure3.1.7 – 3.1.7
Cisco / Cisco Prime Infrastructure3.1.5 – 3.1.5
Cisco / Cisco Prime Infrastructure3.1.2 – 3.1.2
Cisco / Cisco Prime Infrastructure3.1.3 – 3.1.3
Cisco / Cisco Prime Infrastructure3.1.4 – 3.1.4
Cisco / Cisco Prime Infrastructure3.1.6 – 3.1.6
Cisco / Cisco Prime Infrastructure3.2.2 – 3.2.2
Cisco / Cisco Prime Infrastructure3.2.0-FIPS – 3.2.0-FIPS
Cisco / Cisco Prime Infrastructure3.2.1 – 3.2.1
Cisco / Cisco Prime Infrastructure3.3.1 – 3.3.1
Cisco / Cisco Prime Infrastructure3.3.0 Update 01 – 3.3.0 Update 01
Cisco / Cisco Prime Infrastructure3.4.0 – 3.4.0
Cisco / Cisco Prime Infrastructure3.4.1 – 3.4.1
Cisco / Cisco Prime Infrastructure3.4.2 – 3.4.2
Cisco / Cisco Prime Infrastructure3.4.1 Update 01 – 3.4.1 Update 01
Cisco / Cisco Prime Infrastructure3.4.1 Update 02 – 3.4.1 Update 02
Cisco / Cisco Prime Infrastructure3.4.2 Update 01 – 3.4.2 Update 01
Cisco / Cisco Prime Infrastructure3.5.0 – 3.5.0
Cisco / Cisco Prime Infrastructure3.5.1 – 3.5.1
Cisco / Cisco Prime Infrastructure3.5.0 Update 01 – 3.5.0 Update 01
Cisco / Cisco Prime Infrastructure3.5.0 Update 02 – 3.5.0 Update 02
Cisco / Cisco Prime Infrastructure3.5.0 Update 03 – 3.5.0 Update 03
Cisco / Cisco Prime Infrastructure3.5.1 Update 01 – 3.5.1 Update 01
Cisco / Cisco Prime Infrastructure3.5.1 Update 02 – 3.5.1 Update 02
Cisco / Cisco Prime Infrastructure3.5.1 Update 03 – 3.5.1 Update 03
Cisco / Cisco Prime Infrastructure3.6.0 – 3.6.0
Cisco / Cisco Prime Infrastructure3.6.0 Update 01 – 3.6.0 Update 01
Cisco / Cisco Prime Infrastructure3.6.0 Update 02 – 3.6.0 Update 02
Cisco / Cisco Prime Infrastructure3.6.0 Update 03 – 3.6.0 Update 03
Cisco / Cisco Prime Infrastructure3.6.0 Update 04 – 3.6.0 Update 04
Cisco / Cisco Prime Infrastructure2.1 – 2.1
Cisco / Cisco Prime Infrastructure2.2 – 2.2
Cisco / Cisco Prime Infrastructure3.2 – 3.2
Cisco / Cisco Prime Infrastructure3.4_DP1 – 3.4_DP1
Cisco / Cisco Prime Infrastructure3.4_DP3 – 3.4_DP3
Cisco / Cisco Prime Infrastructure3.4_DP2 – 3.4_DP2
Cisco / Cisco Prime Infrastructure3.5_DP1 – 3.5_DP1
Cisco / Cisco Prime Infrastructure3.4_DP7 – 3.4_DP7
Cisco / Cisco Prime Infrastructure3.4_DP10 – 3.4_DP10
Cisco / Cisco Prime Infrastructure3.4_DP5 – 3.4_DP5
Cisco / Cisco Prime Infrastructure3.1_DP15 – 3.1_DP15
Cisco / Cisco Prime Infrastructure3.4_DP11 – 3.4_DP11
Cisco / Cisco Prime Infrastructure3.4_DP8 – 3.4_DP8
Cisco / Cisco Prime Infrastructure3.7_DP1 – 3.7_DP1
Cisco / Cisco Prime Infrastructure3.3_DP4 – 3.3_DP4
Cisco / Cisco Prime Infrastructure3.10_DP1 – 3.10_DP1
Cisco / Cisco Prime Infrastructure3.8_DP1 – 3.8_DP1
Cisco / Cisco Prime Infrastructure3.7_DP2 – 3.7_DP2
Cisco / Cisco Prime Infrastructure3.6_DP1 – 3.6_DP1
Cisco / Cisco Prime Infrastructure3.1_DP16 – 3.1_DP16
Cisco / Cisco Prime Infrastructure3.5_DP4 – 3.5_DP4
Cisco / Cisco Prime Infrastructure3.3_DP3 – 3.3_DP3
Cisco / Cisco Prime Infrastructure3.2_DP2 – 3.2_DP2
Cisco / Cisco Prime Infrastructure3.4_DP4 – 3.4_DP4
Cisco / Cisco Prime Infrastructure3.1_DP14 – 3.1_DP14
Cisco / Cisco Prime Infrastructure3.1_DP6 – 3.1_DP6

References

VENDOR_ADVISORYhttps://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-pi-epnm-wkZJeyeq