CVE-2023-20131

MEDIUM Year: 2023
CVSS v3 Score
5.4
Medium
Weakness Type
CWE-27
View all →

Vulnerability Description

Multiple vulnerabilities in the web-based management interface of Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager (EPNM) could allow a remote attacker to obtain privileged information and conduct cross-site scripting (XSS) and cross-site request forgery (CSRF) attacks. For more information about these vulnerabilities, see the Details section of this advisory.

Related Vulnerabilities

CVE-2024-25828

MEDIUM
CVSS:4.9(Medium)

cmseasy V7.7.7.9 has an arbitrary file deletion vulnerability in lib/admin/template_admin.php.

CWE-272024

CVE-2023-20127

MEDIUM
CVSS:6.5(Medium)

Multiple vulnerabilities in the web-based management interface of Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager (EPNM) could allow a remote attacker to obtain privileged in...

CWE-272023

CVE-2023-20129

MEDIUM
CVSS:6.5(Medium)

Multiple vulnerabilities in the web-based management interface of Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager (EPNM) could allow a remote attacker to obtain privileged in...

CWE-272023

CVE-2023-20130

MEDIUM
CVSS:6.5(Medium)

Multiple vulnerabilities in the web-based management interface of Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager (EPNM) could allow a remote attacker to obtain privileged in...

CWE-272023

CVE-2023-34125

MEDIUM
CVSS:6.5(Medium)

Path Traversal vulnerability in GMS and Analytics allows an authenticated attacker to read arbitrary files from the underlying filesystem with root privileges. This issue affects GMS: 9.3.2-SP1 and ea...

CWE-272023

CVE-2023-20090

MEDIUM
CVSS:6.7(Medium)

A vulnerability in Cisco TelePresence CE and RoomOS could allow an authenticated, local attacker to elevate privileges to root on an affected device. This vulnerability is due to improper access contr...

CWE-272023