Cisco Evolved Programmable Network Manager and Cisco Prime Infrastructure Stored Cross-Site Scripting Vulnerability
TL;DR 📌
A stored cross-site scripting (XSS) vulnerability has been identified in Cisco Evolved Programmable Network Manager (EPNM) and Cisco Prime Infrastructure. This vulnerability allows an authenticated attacker to execute arbitrary scripts in the context of the affected interface. Users are advised to upgrade to fixed software versions as there are no workarounds available.
What happened 🕵️♂️
A vulnerability in the web-based management interface of Cisco EPNM and Cisco Prime Infrastructure could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack. This occurs because the interface fails to properly validate user-supplied input. An attacker with valid administrative credentials could exploit this vulnerability by inserting malicious code into specific data fields, potentially executing arbitrary script code or accessing sensitive browser-based information.
Affected products 🖥️
- Cisco Evolved Programmable Network Manager (EPNM) versions 8.0 and earlier
- Cisco Prime Infrastructure versions 3.9 and earlier
Fixed software 🔧
Upgrade to the first fixed release in your train (or later):
| Release / Product | First Fixed Release | Notes | 
|---|---|---|
| 8.0 and earlier | Migrate to a fixed release. | |
| 8.1 | Not vulnerable. | |
| 3.9 and earlier | Migrate to a fixed release. | |
| 3.10 | 3.10.6 Security Update 02 | |
| 1.0 | Initial public release. | |
| Cisco EPNM | Migrate to a fixed release | |
| Cisco Prime Infrastructure | 3.10.6 Security Update 02 | 3.9 and earlier | 
Workarounds 🧯
There are no workarounds that address this vulnerability.
Risk in context 🎯
The vulnerability has a CVSS score of 4.8, which is categorized as Medium severity. While it requires valid administrative credentials for exploitation, the potential for executing arbitrary scripts poses a risk to sensitive information within the affected systems.
Fast facts ⚡
- Vulnerability Type: Stored Cross-Site Scripting (XSS)
- CVSS Score: 4.8 (Medium)
- Authentication Required: Yes (valid administrative credentials)
- Impact: Potential execution of arbitrary scripts and access to sensitive information
For leadership 🧭
This vulnerability presents a Medium risk to your organization, given its CVSS score of 4.8. It requires authenticated access, which limits exposure but still allows for potential exploitation if administrative credentials are compromised.
Remediation ask: Patch affected systems within 7 days by upgrading to the fixed software versions listed above.
Operational impact: Expect a brief maintenance window with no configuration drift anticipated.
Now / Next / Later:
- Now: Review affected systems and identify those running vulnerable software.
- Next: Schedule upgrades to the fixed software versions.
- Later: Monitor for any further advisories or updates from Cisco regarding this vulnerability.