The web API in Cisco Prime Infrastructure 1.2.0 through 2.2(2) and Cisco Evolved Programmable Network Manager (EPNM) 1.2 allows remote authenticated users to bypass intended RBAC restrictions and gain privileges via an HTTP request that is inconsistent with a pattern filter, aka Bug ID CSCuy10227.
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:NCisco Evolved Programmable Network Manager
APPCisco1.2.0Cisco Prime Infrastructure
APPCisco1.21.2.0.1031.2.11.31.3.0.201.41.4.0.451.4.11.4.22.02.1.02.2Sun Opensolaris
OSSunsnv_124
Related vulnerabilities
A vulnerability in the REST API of Cisco Prime Infrastructure (PI) and Cisco Evolved Programmable Network Mana...
A vulnerability in which the HTTP web server for Cisco Prime Infrastructure (PI) has unrestricted directory pe...
A vulnerability in the Cisco Prime File Upload servlet affecting multiple Cisco products could allow a remote ...
The API in Cisco Prime Infrastructure 1.2 through 3.0 and Evolved Programmable Network Manager (EPNM) 1.2 allo...
Cisco Prime Infrastructure 1.2.0 through 2.2(2) and Cisco Evolved Programmable Network Manager (EPNM) 1.2 allo...