Cisco Prime Infrastructure — known CVE vulnerabilities
Every CVE whose affected-product data names Cisco Prime Infrastructure, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (89)
CVE-2018-15379 — CVSS 9.8 (critical): A vulnerability in which the HTTP web server for Cisco Prime Infrastructure (PI) has unrestricted directory permissions could allow an…
CVE-2016-1291 — CVSS 9.8 (critical): Cisco Prime Infrastructure 1.2.0 through 2.2(2) and Cisco Evolved Programmable Network Manager (EPNM) 1.2 allow remote attackers to execute…
CVE-2018-0258 — CVSS 9.8 (critical): A vulnerability in the Cisco Prime File Upload servlet affecting multiple Cisco products could allow a remote attacker to upload arbitrary…
CVE-2019-15958 — CVSS 9.8 (critical): A vulnerability in the REST API of Cisco Prime Infrastructure (PI) and Cisco Evolved Programmable Network Manager (EPNM) could allow an…
CVE-2016-1289 — CVSS 9.8 (critical): The API in Cisco Prime Infrastructure 1.2 through 3.0 and Evolved Programmable Network Manager (EPNM) 1.2 allows remote attackers to…
CVE-2014-0679 — CVSS 9.0 (critical): Cisco Prime Infrastructure 1.2 and 1.3 before 1.3.0.20-2, 1.4 before 1.4.0.45-2, and 2.0 before 2.0.0.0.294-2 allows remote authenticated…
CVE-2021-1487 — CVSS 8.8 (high): A vulnerability in the web-based management interface of Cisco Prime Infrastructure and Evolved Programmable Network (EPN) Manager could…
CVE-2019-1821 — CVSS 8.8 (high): A vulnerability in the web-based management interface of Cisco Prime Infrastructure (PI) and Cisco Evolved Programmable Network (EPN)…
CVE-2016-1442 — CVSS 8.8 (high): The administrative web interface in Cisco Prime Infrastructure (PI) before 3.1.1 allows remote authenticated users to execute arbitrary…
CVE-2019-1823 — CVSS 8.8 (high): A vulnerability in the web-based management interface of Cisco Prime Infrastructure (PI) and Cisco Evolved Programmable Network (EPN)…
CVE-2016-1408 — CVSS 8.8 (high): Cisco Prime Infrastructure 1.2 through 3.1 and Evolved Programmable Network Manager (EPNM) 1.2 and 2.0 allow remote authenticated users to…
CVE-2016-6443 — CVSS 8.8 (high): A vulnerability in the Cisco Prime Infrastructure and Evolved Programmable Network Manager SQL database interface could allow an…
CVE-2016-1406 — CVSS 8.8 (high): The API web interface in Cisco Prime Infrastructure before 3.1 and Cisco Evolved Programmable Network Manager before 1.2.4 allows remote…
CVE-2016-1359 — CVSS 8.8 (high): Cisco Prime Infrastructure 3.0 allows remote authenticated users to execute arbitrary code via a crafted HTTP request that is mishandled…
CVE-2016-1290 — CVSS 8.1 (high): The web API in Cisco Prime Infrastructure 1.2.0 through 2.2(2) and Cisco Evolved Programmable Network Manager (EPNM) 1.2 allows remote…
CVE-2019-1825 — CVSS 8.1 (high): A vulnerability in the web-based management interface of Cisco Prime Infrastructure (PI) and Cisco Evolved Programmable Network (EPN)…
CVE-2019-1824 — CVSS 8.1 (high): A vulnerability in the web-based management interface of Cisco Prime Infrastructure (PI) and Cisco Evolved Programmable Network (EPN)…
CVE-2017-6662 — CVSS 8.0 (high): A vulnerability in the web-based user interface of Cisco Prime Infrastructure (PI) and Evolved Programmable Network Manager (EPNM) could…
CVE-2019-1659 — CVSS 7.4 (high): A vulnerability in the Identity Services Engine (ISE) integration feature of Cisco Prime Infrastructure (PI) could allow an…
CVE-2019-1822 — CVSS 7.2 (high): A vulnerability in the web-based management interface of Cisco Prime Infrastructure (PI) and Cisco Evolved Programmable Network (EPN)…
CVE-2014-2152 — CVSS 6.8 (medium): Cross-site request forgery (CSRF) vulnerability in the INSERT page in Cisco Prime Infrastructure (PI) allows remote attackers to hijack the…
CVE-2015-6262 — CVSS 6.8 (medium): Cross-site request forgery (CSRF) vulnerability in Cisco Prime Infrastructure 1.2(0.103) and 2.0(0.0) allows remote attackers to hijack the…
CVE-2013-1153 — CVSS 6.8 (medium): Cross-site request forgery (CSRF) vulnerability in the web interface in Cisco Prime Infrastructure allows remote attackers to hijack the…
CVE-2023-20129 — CVSS 6.5 (medium): Multiple vulnerabilities in the web-based management interface of Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager…
CVE-2017-3884 — CVSS 6.5 (medium): A vulnerability in the web interface of Cisco Prime Infrastructure and Cisco Evolved Programmable Network (EPN) Manager could allow an…
CVE-2019-1818 — CVSS 6.5 (medium): A vulnerability in the web-based management interface of Cisco Prime Infrastructure and Cisco Evolved Programmable Network (EPN) Manager…
CVE-2019-1819 — CVSS 6.5 (medium): A vulnerability in the web-based management interface of Cisco Prime Infrastructure and Cisco Evolved Programmable Network (EPN) Manager…
CVE-2019-1820 — CVSS 6.5 (medium): A vulnerability in the web-based management interface of Cisco Prime Infrastructure and Cisco Evolved Programmable Network (EPN) Manager…
CVE-2019-1906 — CVSS 6.5 (medium): A vulnerability in the Virtual Domain system of Cisco Prime Infrastructure (PI) could allow an authenticated, remote attacker to change the…
CVE-2022-20656 — CVSS 6.5 (medium): A vulnerability in the web-based management interface of Cisco PI and Cisco EPNM could allow an authenticated, remote attacker to…
CVE-2023-20127 — CVSS 6.5 (medium): Multiple vulnerabilities in the web-based management interface of Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager…
CVE-2023-20130 — CVSS 6.5 (medium): Multiple vulnerabilities in the web-based management interface of Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager…
CVE-2023-20131 — CVSS 6.5 (medium): Multiple vulnerabilities in the web-based management interface of Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager…
CVE-2023-20258 — CVSS 6.5 (medium): A vulnerability in the web-based management interface of Cisco Prime Infrastructure could allow an authenticated, remote attacker to…
CVE-2023-20271 — CVSS 6.5 (medium): A vulnerability in the web-based management interface of Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager (EPNM)…
CVE-2025-20269 — CVSS 6.5 (medium): A vulnerability in the web-based management interface of Cisco Evolved Programmable Network Manager (EPNM) and Cisco Prime Infrastructure…
CVE-2016-1358 — CVSS 6.4 (medium): Cisco Prime Infrastructure 2.2, 3.0, and 3.1(0.0) allows remote authenticated users to read arbitrary files or cause a denial of service…
CVE-2023-20068 — CVSS 6.1 (medium): A vulnerability in the web-based management interface of Cisco Prime Infrastructure Software could allow an unauthenticated, remote…
CVE-2022-20657 — CVSS 6.1 (medium): A vulnerability in the web-based management interface of Cisco PI and Cisco EPNM could allow an unauthenticated, remote attacker…
CVE-2022-20659 — CVSS 6.1 (medium): A vulnerability in the web-based management interface of Cisco Prime Infrastructure and Cisco Evolved Programmable Network (EPN) Manager…
CVE-2019-12713 — CVSS 6.1 (medium): A vulnerability in the web-based management interface of Cisco Prime Infrastructure could allow an unauthenticated, remote attacker to…
CVE-2017-3848 — CVSS 6.1 (medium): A vulnerability in the HTTP web-based management interface of Cisco Prime Infrastructure could allow an unauthenticated, remote attacker to…
CVE-2019-1643 — CVSS 6.1 (medium): A vulnerability in the web-based management interface of Cisco Prime Infrastructure could allow an unauthenticated, remote attacker to…
CVE-2018-0097 — CVSS 6.1 (medium): A vulnerability in the web interface of Cisco Prime Infrastructure could allow an unauthenticated, remote attacker to redirect a user to a…
CVE-2017-6611 — CVSS 6.1 (medium): A vulnerability in the web framework code of Cisco Prime Infrastructure 2.2(2) could allow an unauthenticated, remote attacker to conduct a…
CVE-2025-20120 — CVSS 6.1 (medium): A vulnerability in the web-based management interface of Cisco Evolved Programmable Network Manager (EPNM) and Cisco Prime Infrastructure…
CVE-2019-12712 — CVSS 6.1 (medium): A vulnerability in the web-based management interface of Cisco Prime Infrastructure could allow an unauthenticated, remote attacker to…
CVE-2015-6434 — CVSS 6.1 (medium): Cisco Prime Infrastructure does not properly restrict use of IFRAME elements, which makes it easier for remote attackers to conduct…
CVE-2017-6725 — CVSS 6.1 (medium): A vulnerability in the web framework code of Cisco Prime Infrastructure could allow an unauthenticated, remote attacker to conduct a…
CVE-2017-6724 — CVSS 6.1 (medium): A vulnerability in the web framework code of Cisco Prime Infrastructure could allow an unauthenticated, remote attacker to conduct a…
CVE-2017-6700 — CVSS 6.1 (medium): A vulnerability in the web-based management interface of Cisco Prime Infrastructure (PI) and Evolved Programmable Network Manager (EPNM)…
CVE-2018-15457 — CVSS 6.1 (medium): A vulnerability in the web-based management interface of Cisco Prime Infrastructure could allow an unauthenticated, remote attacker to…
CVE-2017-6699 — CVSS 6.1 (medium): A vulnerability in the web-based management interface of Cisco Prime Infrastructure (PI) and Evolved Programmable Network Manager (EPNM)…
CVE-2023-20260 — CVSS 6.0 (medium): A vulnerability in the application CLI of Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager could allow an…
CVE-2023-20121 — CVSS 6.0 (medium): Multiple vulnerabilities in the restricted shell of Cisco Evolved Programmable Network Manager (EPNM), Cisco Identity Services Engine…
CVE-2018-0096 — CVSS 5.9 (medium): A vulnerability in the role-based access control (RBAC) functionality of Cisco Prime Infrastructure could allow an authenticated, remote…
CVE-2021-34733 — CVSS 5.5 (medium): A vulnerability in the CLI of Cisco Prime Infrastructure and Cisco Evolved Programmable Network (EPN) Manager could allow an authenticated…
CVE-2017-3869 — CVSS 5.4 (medium): An API Credentials Management vulnerability in the APIs for Cisco Prime Infrastructure could allow an authenticated, remote attacker to…
CVE-2024-20514 — CVSS 5.4 (medium): A vulnerability in the web-based management interface of Cisco Evolved Programmable Network Manager (EPNM) and Cisco Prime Infrastructure…
CVE-2020-3339 — CVSS 5.4 (medium): A vulnerability in the web-based management interface of Cisco Prime Infrastructure could allow an authenticated, remote attacker to…
CVE-2021-34784 — CVSS 5.4 (medium): A vulnerability in the web-based management interface of Cisco Prime Infrastructure (PI) and Cisco Evolved Programmable Network Manager…
CVE-2023-20069 — CVSS 5.4 (medium): A vulnerability in the web-based management interface of Cisco Prime Infrastructure and Cisco Evolved Programmable Network (EPN) Manager…
CVE-2023-20203 — CVSS 5.4 (medium): Multiple vulnerabilities in the web-based management interface of Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager…
CVE-2023-20205 — CVSS 5.4 (medium): Multiple vulnerabilities in the web-based management interface of Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager…
CVE-2017-6698 — CVSS 5.4 (medium): A vulnerability in the Cisco Prime Infrastructure (PI) and Evolved Programmable Network Manager (EPNM) SQL database interface could allow…
CVE-2017-6782 — CVSS 5.4 (medium): A vulnerability in the administrative web interface of Cisco Prime Infrastructure could allow an authenticated, remote attacker to modify a…
CVE-2018-0482 — CVSS 5.4 (medium): A vulnerability in the web-based management interface of Cisco Prime Network Control System could allow an authenticated, remote attacker…
CVE-2015-6332 — CVSS 5.0 (medium): Cisco Prime Infrastructure 2.2 allows remote attackers to cause a denial of service (daemon hang) by sending many SSL renegotiation…
CVE-2023-20201 — CVSS 4.8 (medium): Multiple vulnerabilities in the web-based management interface of Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager…
CVE-2025-20203 — CVSS 4.8 (medium): A vulnerability in the web-based management interface of Cisco Evolved Programmable Network Manager (EPNM) and Cisco Prime Infrastructure…
CVE-2023-20222 — CVSS 4.8 (medium): A vulnerability in the web-based management interface of Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager (EPNM)…
CVE-2023-20257 — CVSS 4.8 (medium): A vulnerability in the web-based management interface of Cisco Prime Infrastructure could allow an authenticated, remote attacker to…
CVE-2026-20111 — CVSS 4.8 (medium): A vulnerability in the web-based management interface of Cisco Prime Infrastructure could allow an authenticated, remote attacker to…
CVE-2026-20075 — CVSS 4.8 (medium): A vulnerability in the web-based management interface of Cisco Evolved Programmable Network Manager (EPNM) and Cisco Prime Infrastructure…
CVE-2025-20280 — CVSS 4.8 (medium): A vulnerability in the web-based management interface of Cisco Evolved Programmable Network Manager (EPNM) and Cisco Prime Infrastructure…
CVE-2021-1306 — CVSS 4.4 (medium): A vulnerability in the restricted shell of Cisco Evolved Programmable Network (EPN) Manager, Cisco Identity Services Engine (ISE), and…
CVE-2013-1247 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in the wireless configuration module in Cisco Prime Infrastructure allows remote attackers to…
CVE-2018-15433 — CVSS 4.3 (medium): A vulnerability in the server backup function of Cisco Prime Infrastructure could allow an authenticated, remote attacker to view sensitive…
CVE-2026-20189 — CVSS 4.3 (medium): A vulnerability in the log file download functionality of Cisco Prime Infrastructure could allow an authenticated, remote attacker to…
CVE-2016-1474 — CVSS 4.3 (medium): Cisco Prime Infrastructure 2.2(2) does not properly restrict use of IFRAME elements, which makes it easier for remote attackers to conduct…
CVE-2025-20272 — CVSS 4.3 (medium): A vulnerability in a subset of REST APIs of Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager (EPNM) could allow an…
CVE-2014-2147 — CVSS 4.3 (medium): The web interface in Cisco Prime Infrastructure 2.1 and earlier does not properly restrict use of IFRAME elements, which makes it easier…
CVE-2026-20123 — CVSS 4.3 (medium): A vulnerability in the web-based management interface of Cisco Evolved Programmable Network Manager (EPNM) and Cisco Prime Infrastructure…
CVE-2025-20270 — CVSS 4.3 (medium): A vulnerability in the web-based management interface of Cisco Evolved Programmable Network Manager (EPNM) and Cisco Prime Infrastructure…
CVE-2018-15432 — CVSS 4.3 (medium): A vulnerability in the server backup function of Cisco Prime Infrastructure could allow an authenticated, remote attacker to view sensitive…
CVE-2014-2153 — CVSS 4.3 (medium): Multiple cross-site scripting (XSS) vulnerabilities in INSERT pages in Cisco Prime Infrastructure allow remote attackers to inject…
CVE-2014-8007 — CVSS 4.0 (medium): Cisco Prime Infrastructure allows remote authenticated users to read device-discovery passwords by examining the HTML source code of the…
CVE-2015-4331 — CVSS 3.5 (low): Cisco Prime Infrastructure (PI) 1.4(0.45) and earlier, when AAA authentication is used, allows remote authenticated users to bypass…