virus logo Intrusion Prevention

Cisco.Prime.Infrastructure.And.EPNM.SystemPreferences.XSS

description-logoDescription

This indicates an attack attempt to exploit a Cross-Site Scripting vulnerability in Cisco Prime Infrastructure and Evolved Programmable Network Manager.
The vulnerability is due to insufficient sanitizing of user supplied inputs in the application when handling a crafted HTTP request. A remote attacker can exploit this to execute arbitrary script code within the context of the user's browser.

affected-products-logoAffected Products

Cisco Systems Evolved Programmable Network Manager prior to 3.1.5
Cisco Systems Prime Infrastructure prior to 3.1.5

Impact logoImpact

System Compromise: Remote attackers can execute arbitrary script code within the context of the target user's browser

recomended-action-logoRecommended Actions

Apply patch available from the website.
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170621-piepnm3

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)

References

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170621-piepnm3
ID 44252
Created Jul 21, 2017
Updated May 04, 2022
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon lightgray-background-circle-icon
CVE ID CVE-2017-6699
Exploit Prediction Score 0.11%
Default Action drop
Active
Affected OS Other
Affected App Cisco