U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

National Vulnerability Database

National Vulnerability Database

NVD

National Vulnerability Database
  1. VulnerabilitiesSearch And Statistics

Search Results (Refine Search)

Search Parameters:
  • Keyword (text search): cpe:2.3:a:cisco:prime_infrastructure:2.2:*:*:*:*:*:*:*
  • CPE Name Search: true
There are 43 matching records.
Displaying matches 41 through 43.
Vuln ID Summary CVSS Severity
CVE-2016-1290

The web API in Cisco Prime Infrastructure 1.2.0 through 2.2(2) and Cisco Evolved Programmable Network Manager (EPNM) 1.2 allows remote authenticated users to bypass intended RBAC restrictions and gain privileges via an HTTP request that is inconsistent with a pattern filter, aka Bug ID CSCuy10227.

Published: April 06, 2016; 7:59:10 PM -0400 		V4.0:(not available)
 V3.0: 8.1 HIGH
V2.0: 5.5 MEDIUM
CVE-2016-1358

Cisco Prime Infrastructure 2.2, 3.0, and 3.1(0.0) allows remote authenticated users to read arbitrary files or cause a denial of service via an XML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue, aka Bug ID CSCuw81497.

Published: March 03, 2016; 5:59:15 PM -0500 		V4.0:(not available)
 V3.0: 6.4 MEDIUM
V2.0: 5.5 MEDIUM
CVE-2015-6332

Cisco Prime Infrastructure 2.2 allows remote attackers to cause a denial of service (daemon hang) by sending many SSL renegotiation requests, aka Bug ID CSCuv56830.

Published: October 12, 2015; 8:59:02 PM -0400 		V4.0:(not available)
 V3.x:(not available)
 V2.0: 5.0 MEDIUM