Home
MEDIUM: 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:NDefault status
unknown
3.0.1
affected
3.1.2
affected
1.2
affected
3.1.1
affected
3.1.3
affected
3.1
affected
3.0.3
affected
3.0.2
affected
3.0
affected
2.2
affected
1.1
affected
2.1
affected
2.0
affected
4.1
affected
4.1.1
affected
4.0.3
affected
4.0.1
affected
4.0.2
affected
4.0
affected
5.0
affected
5.0.1
affected
5.1.1
affected
5.1
affected
5.0.2
affected
5.1.2
affected
5.1.3
affected
5.1.4
affected
6.1.1
affected
6.1
affected
6.0.0
affected
6.0.1
affected
6.0.2
affected
7.0.0
affected
1.2.5
affected
1.2.6
affected
2.0.1
affected
1.2.2
affected
1.2.3
affected
1.2.4
affected
1.2.7
affected
1.2.1.2
affected
2.2.1
affected
2.1.3
affected
2.0.2
affected
2.0.3
affected
2.1.2
affected
2.0.4
affected
2.1.1
affected
5.0.2.5
affected
5.1.4.3
affected
6.0.2.1
affected
6.1.1.1
affected
5.0.2.1
affected
5.0.2.2
affected
5.0.2.3
affected
5.0.2.4
affected
5.1.4.1
affected
5.1.4.2
affected
2.1.4
affected
2.2.4
affected
2.2.3
affected
2.2.5
affected
5.1.3.2
affected
5.1.3.1
affected
6.0.1.1
affected
4.1.1.2
affected
4.1.1.1
affected
4.0.3.1
affected
2.0.1.1
affected
2.1.1.3
affected
2.1.1.1
affected
2.1.1.4
affected
2.0.4.2
affected
2.0.4.1
affected
2.1.2.2
affected
2.1.2.3
affected
2.0.2.1
affected
2.1.3.4
affected
2.1.3.3
affected
2.1.3.2
affected
2.1.3.5
affected
2.2.1.2
affected
2.2.1.1
affected
2.2.1.4
affected
2.2.1.3
affected
1.2.4.2
affected
1.2.2.4
affected
6.0.3
affected
5.1.4.4
affected
5.0.2.6
affected
6.0.3.1
affected
6.1.2
affected
6.1.1.2.2
affected
6.1.2.1
affected
6.1.2.2
affected
7.1.1
affected
7.1.2.1
affected
7.0.1.3
affected
7.1.3
affected
7.1.2
affected
7.0.1.2
affected
7.0.1.1
affected
7.0.1
affected
7.1.0
affected
8.0.0
affected
6.1.2.3
affected
8.0.0.1
affected
7.1.3.1
affected
7.1.4
affected
8.1.0
affected
Default status
unknown
3.0.0
affected
3.1.0
affected
3.1.5
affected
2.1
affected
2.0.0
affected
3.6.0
affected
3.7.0
affected
3.4.0
affected
3.3.0
affected
3.2
affected
3.5.0
affected
3.2.0-FIPS
affected
2.2
affected
3.8.0-FED
affected
3.9.0
affected
3.8.0
affected
3.10.0
affected
3.1.1
affected
2.1.2
affected
2.2.1
affected
2.2.0
affected
3.0.2
affected
3.0.3
affected
3.0.1
affected
2.2.2
affected
2.2.3
affected
2.1.0
affected
2.1.1
affected
3.9.1
affected
2.0.10
affected
3.8.1
affected
3.7.1
affected
3.5.1
affected
3.4.2
affected
3.3.1
affected
3.1.7
affected
3.2.1
affected
3.2.2
affected
3.1.6
affected
3.1.2
affected
3.4.1
affected
3.1.3
affected
3.1.4
affected
3.0.6
affected
2.2.10
affected
3.0.4
affected
3.0.5
affected
2.1.56
affected
2.2.4
affected
2.2.9
affected
2.2.8
affected
2.2.5
affected
2.2.7
affected
2.0.39
affected
3.8_DP1
affected
3.9_DP1
affected
3.7_DP2
affected
3.6_DP1
affected
3.5_DP4
affected
3.5_DP2
affected
3.4_DP10
affected
3.7_DP1
affected
3.5_DP3
affected
3.4_DP11
affected
3.5_DP1
affected
3.4_DP8
affected
3.4_DP1
affected
3.4_DP3
affected
3.4_DP5
affected
3.4_DP2
affected
3.4_DP7
affected
3.4_DP6
affected
3.3_DP4
affected
3.4_DP4
affected
3.4_DP9
affected
3.1_DP16
affected
3.3_DP2
affected
3.3_DP3
affected
3.1_DP15
affected
3.3_DP1
affected
3.1_DP13
affected
3.2_DP2
affected
3.2_DP1
affected
3.2_DP3
affected
3.1_DP14
affected
3.2_DP4
affected
3.1_DP7
affected
3.1_DP10
affected
3.1_DP11
affected
3.1_DP4
affected
3.1_DP6
affected
3.1_DP12
affected
3.1_DP5
affected
3.0.7
affected
3.1_DP9
affected
3.1_DP8
affected
3.10_DP1
affected
3.10.2
affected
3.10.3
affected
3.10
affected
3.10.1
affected
3.7.1 Update 03
affected
3.7.1 Update 04
affected
3.7.1 Update 06
affected
3.7.1 Update 07
affected
3.8.1 Update 01
affected
3.8.1 Update 02
affected
3.8.1 Update 03
affected
3.8.1 Update 04
affected
3.9.1 Update 01
affected
3.9.1 Update 02
affected
3.9.1 Update 03
affected
3.9.1 Update 04
affected
3.10 Update 01
affected
3.4.2 Update 01
affected
3.6.0 Update 04
affected
3.6.0 Update 02
affected
3.6.0 Update 03
affected
3.6.0 Update 01
affected
3.5.1 Update 03
affected
3.5.1 Update 01
affected
3.5.1 Update 02
affected
3.7.0 Update 03
affected
2.2.3 Update 05
affected
2.2.3 Update 04
affected
2.2.3 Update 06
affected
2.2.3 Update 03
affected
2.2.3 Update 02
affected
2.2.1 Update 01
affected
2.2.2 Update 03
affected
2.2.2 Update 04
affected
3.8.0 Update 01
affected
3.8.0 Update 02
affected
3.7.1 Update 01
affected
3.7.1 Update 02
affected
3.7.1 Update 05
affected
3.9.0 Update 01
affected
3.3.0 Update 01
affected
3.4.1 Update 02
affected
3.4.1 Update 01
affected
3.5.0 Update 03
affected
3.5.0 Update 01
affected
3.5.0 Update 02
affected
3.10.4
affected
3.10.4 Update 01
affected
3.10.4 Update 02
affected
3.10.4 Update 03
affected
3.10.5
affected
3.10.6
affected
3.10.6 Update 01
affected
Description
A vulnerability in a subset of REST APIs of Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager (EPNM) could allow an authenticated, low-privileged, remote attacker to conduct a blind SQL injection attack. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending a crafted request to an affected API. A successful exploit could allow the attacker to view data in some database tables on an affected device.
Problem types
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Product status
3.0.1
3.1.2
1.2
3.1.1
3.1.3
3.1
3.0.3
3.0.2
3.0
2.2
1.1
2.1
2.0
4.1
4.1.1
4.0.3
4.0.1
4.0.2
4.0
5.0
5.0.1
5.1.1
5.1
5.0.2
5.1.2
5.1.3
5.1.4
6.1.1
6.1
6.0.0
6.0.1
6.0.2
7.0.0
1.2.5
1.2.6
2.0.1
1.2.2
1.2.3
1.2.4
1.2.7
1.2.1.2
2.2.1
2.1.3
2.0.2
2.0.3
2.1.2
2.0.4
2.1.1
5.0.2.5
5.1.4.3
6.0.2.1
6.1.1.1
5.0.2.1
5.0.2.2
5.0.2.3
5.0.2.4
5.1.4.1
5.1.4.2
2.1.4
2.2.4
2.2.3
2.2.5
5.1.3.2
5.1.3.1
6.0.1.1
4.1.1.2
4.1.1.1
4.0.3.1
2.0.1.1
2.1.1.3
2.1.1.1
2.1.1.4
2.0.4.2
2.0.4.1
2.1.2.2
2.1.2.3
2.0.2.1
2.1.3.4
2.1.3.3
2.1.3.2
2.1.3.5
2.2.1.2
2.2.1.1
2.2.1.4
2.2.1.3
1.2.4.2
1.2.2.4
6.0.3
5.1.4.4
5.0.2.6
6.0.3.1
6.1.2
6.1.1.2.2
6.1.2.1
6.1.2.2
7.1.1
7.1.2.1
7.0.1.3
7.1.3
7.1.2
7.0.1.2
7.0.1.1
7.0.1
7.1.0
8.0.0
6.1.2.3
8.0.0.1
7.1.3.1
7.1.4
8.1.0
3.0.0
3.1.0
3.1.5
2.1
2.0.0
3.6.0
3.7.0
3.4.0
3.3.0
3.2
3.5.0
3.2.0-FIPS
2.2
3.8.0-FED
3.9.0
3.8.0
3.10.0
3.1.1
2.1.2
2.2.1
2.2.0
3.0.2
3.0.3
3.0.1
2.2.2
2.2.3
2.1.0
2.1.1
3.9.1
2.0.10
3.8.1
3.7.1
3.5.1
3.4.2
3.3.1
3.1.7
3.2.1
3.2.2
3.1.6
3.1.2
3.4.1
3.1.3
3.1.4
3.0.6
2.2.10
3.0.4
3.0.5
2.1.56
2.2.4
2.2.9
2.2.8
2.2.5
2.2.7
2.0.39
3.8_DP1
3.9_DP1
3.7_DP2
3.6_DP1
3.5_DP4
3.5_DP2
3.4_DP10
3.7_DP1
3.5_DP3
3.4_DP11
3.5_DP1
3.4_DP8
3.4_DP1
3.4_DP3
3.4_DP5
3.4_DP2
3.4_DP7
3.4_DP6
3.3_DP4
3.4_DP4
3.4_DP9
3.1_DP16
3.3_DP2
3.3_DP3
3.1_DP15
3.3_DP1
3.1_DP13
3.2_DP2
3.2_DP1
3.2_DP3
3.1_DP14
3.2_DP4
3.1_DP7
3.1_DP10
3.1_DP11
3.1_DP4
3.1_DP6
3.1_DP12
3.1_DP5
3.0.7
3.1_DP9
3.1_DP8
3.10_DP1
3.10.2
3.10.3
3.10
3.10.1
3.7.1 Update 03
3.7.1 Update 04
3.7.1 Update 06
3.7.1 Update 07
3.8.1 Update 01
3.8.1 Update 02
3.8.1 Update 03
3.8.1 Update 04
3.9.1 Update 01
3.9.1 Update 02
3.9.1 Update 03
3.9.1 Update 04
3.10 Update 01
3.4.2 Update 01
3.6.0 Update 04
3.6.0 Update 02
3.6.0 Update 03
3.6.0 Update 01
3.5.1 Update 03
3.5.1 Update 01
3.5.1 Update 02
3.7.0 Update 03
2.2.3 Update 05
2.2.3 Update 04
2.2.3 Update 06
2.2.3 Update 03
2.2.3 Update 02
2.2.1 Update 01
2.2.2 Update 03
2.2.2 Update 04
3.8.0 Update 01
3.8.0 Update 02
3.7.1 Update 01
3.7.1 Update 02
3.7.1 Update 05
3.9.0 Update 01
3.3.0 Update 01
3.4.1 Update 02
3.4.1 Update 01
3.5.0 Update 03
3.5.0 Update 01
3.5.0 Update 02
3.10.4
3.10.4 Update 01
3.10.4 Update 02
3.10.4 Update 03
3.10.5
3.10.6
3.10.6 Update 01
References
sec.cloudapps.cisco.com/...sory/cisco-sa-piepnm-bsi-25JJqsbb (cisco-sa-piepnm-bsi-25JJqsbb)