TL;DR 📌

A medium-severity vulnerability has been identified in the Cisco Evolved Programmable Network Manager (EPNM) that allows authenticated attackers to upload arbitrary files. There are no workarounds available, and affected users should migrate to fixed software releases.

What happened 🕵️‍♂️

A vulnerability in the web-based management interface of Cisco EPNM could allow an authenticated, remote attacker to upload arbitrary files. This issue arises from improper validation of uploaded files, enabling an attacker with valid Config Managers credentials to exploit the vulnerability by sending a crafted file upload request to a specific API endpoint.

TL;DR 📌

A medium-severity information disclosure vulnerability has been identified in Cisco Evolved Programmable Network Manager (EPNM) and Cisco Prime Infrastructure. This flaw allows authenticated, low-privileged users to access sensitive configuration information. Software updates are available to mitigate this risk, but there are no workarounds.

What happened 🕵️‍♂️

A vulnerability exists in the web-based management interface of Cisco EPNM and Cisco Prime Infrastructure. This issue arises from improper validation of requests to API endpoints. An authenticated attacker with low privileges could exploit this vulnerability to view sensitive configuration information that should be restricted.

TL;DR 📌

A stored cross-site scripting (XSS) vulnerability has been identified in Cisco Evolved Programmable Network Manager (EPNM) and Cisco Prime Infrastructure. This vulnerability allows an authenticated attacker to execute arbitrary scripts in the context of the affected interface. Users are advised to upgrade to fixed software versions as there are no workarounds available.

What happened 🕵️‍♂️

A vulnerability in the web-based management interface of Cisco EPNM and Cisco Prime Infrastructure could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack. This occurs because the interface fails to properly validate user-supplied input. An attacker with valid administrative credentials could exploit this vulnerability by inserting malicious code into specific data fields, potentially executing arbitrary script code or accessing sensitive browser-based information.

TL;DR 📌

A medium-severity vulnerability has been identified in Cisco Evolved Programmable Network Manager (EPNM) and Cisco Prime Infrastructure, allowing authenticated low-privileged attackers to access sensitive files. No workarounds are available, and software updates are necessary to mitigate the risk.

What happened 🕵️‍♂️

A vulnerability exists in the web-based management interface of Cisco EPNM and Cisco Prime Infrastructure due to insufficient input validation for specific HTTP requests. An authenticated, low-privileged remote attacker could exploit this vulnerability to retrieve arbitrary files from the underlying file system of affected devices.

TL;DR 📌

• A vulnerability in a subset of REST APIs of Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager (EPNM) could allow an authenticated, low-privileged, remote attacker to conduct a blind SQL injection attack. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending a crafted request to an affected API. A successful…
• No fixed release listed yet; apply mitigations and monitor.
• Workarounds are documented in the advisory.
• CVEs: CVE-2025-20272.

What happened 🕵️‍♂️

A vulnerability in a subset of REST APIs of Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager (EPNM) could allow an authenticated, low-privileged, remote attacker to conduct a blind SQL injection attack.