Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
NVD Vulnerability Details :
CVE-2025-20120
Analyzed
More InfoOfficial Page
Source-psirt@cisco.com
View Known Exploited Vulnerability (KEV) details
Published At-02 Apr, 2025 | 17:15
Updated At-06 Aug, 2025 | 15:25

A vulnerability in the web-based management interface of Cisco Evolved Programmable Network Manager (EPNM) and Cisco Prime Infrastructure could allow an unauthenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface on an affected device. This vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of an affected system. An attacker could exploit this vulnerability by injecting malicious code into specific pages of the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.16.1MEDIUM
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
CPE Matches
Cisco Systems, Inc.
cisco
>>prime_infrastructure>>2.0.0
cpe:2.3:a:cisco:prime_infrastructure:2.0.0:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>prime_infrastructure>>2.0.10
cpe:2.3:a:cisco:prime_infrastructure:2.0.10:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>prime_infrastructure>>2.0.39
cpe:2.3:a:cisco:prime_infrastructure:2.0.39:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>prime_infrastructure>>2.1
cpe:2.3:a:cisco:prime_infrastructure:2.1:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>prime_infrastructure>>2.1.0
cpe:2.3:a:cisco:prime_infrastructure:2.1.0:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>prime_infrastructure>>2.1.1
cpe:2.3:a:cisco:prime_infrastructure:2.1.1:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>prime_infrastructure>>2.1.2
cpe:2.3:a:cisco:prime_infrastructure:2.1.2:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>prime_infrastructure>>2.1.56
cpe:2.3:a:cisco:prime_infrastructure:2.1.56:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>prime_infrastructure>>2.2
cpe:2.3:a:cisco:prime_infrastructure:2.2:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>prime_infrastructure>>2.2.0
cpe:2.3:a:cisco:prime_infrastructure:2.2.0:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>prime_infrastructure>>2.2.1
cpe:2.3:a:cisco:prime_infrastructure:2.2.1:-:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>prime_infrastructure>>2.2.1
cpe:2.3:a:cisco:prime_infrastructure:2.2.1:update01:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>prime_infrastructure>>2.2.2
cpe:2.3:a:cisco:prime_infrastructure:2.2.2:-:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>prime_infrastructure>>2.2.2
cpe:2.3:a:cisco:prime_infrastructure:2.2.2:update03:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>prime_infrastructure>>2.2.2
cpe:2.3:a:cisco:prime_infrastructure:2.2.2:update04:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>prime_infrastructure>>2.2.3
cpe:2.3:a:cisco:prime_infrastructure:2.2.3:-:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>prime_infrastructure>>2.2.3
cpe:2.3:a:cisco:prime_infrastructure:2.2.3:update02:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>prime_infrastructure>>2.2.3
cpe:2.3:a:cisco:prime_infrastructure:2.2.3:update03:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>prime_infrastructure>>2.2.3
cpe:2.3:a:cisco:prime_infrastructure:2.2.3:update04:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>prime_infrastructure>>2.2.3
cpe:2.3:a:cisco:prime_infrastructure:2.2.3:update05:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>prime_infrastructure>>2.2.3
cpe:2.3:a:cisco:prime_infrastructure:2.2.3:update06:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>prime_infrastructure>>2.2.4
cpe:2.3:a:cisco:prime_infrastructure:2.2.4:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>prime_infrastructure>>2.2.5
cpe:2.3:a:cisco:prime_infrastructure:2.2.5:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>prime_infrastructure>>2.2.7
cpe:2.3:a:cisco:prime_infrastructure:2.2.7:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>prime_infrastructure>>2.2.8
cpe:2.3:a:cisco:prime_infrastructure:2.2.8:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>prime_infrastructure>>2.2.9
cpe:2.3:a:cisco:prime_infrastructure:2.2.9:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>prime_infrastructure>>2.2.10
cpe:2.3:a:cisco:prime_infrastructure:2.2.10:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>prime_infrastructure>>3.0.0
cpe:2.3:a:cisco:prime_infrastructure:3.0.0:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>prime_infrastructure>>3.0.1
cpe:2.3:a:cisco:prime_infrastructure:3.0.1:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>prime_infrastructure>>3.0.2
cpe:2.3:a:cisco:prime_infrastructure:3.0.2:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>prime_infrastructure>>3.0.3
cpe:2.3:a:cisco:prime_infrastructure:3.0.3:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>prime_infrastructure>>3.0.4
cpe:2.3:a:cisco:prime_infrastructure:3.0.4:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>prime_infrastructure>>3.0.5
cpe:2.3:a:cisco:prime_infrastructure:3.0.5:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>prime_infrastructure>>3.0.6
cpe:2.3:a:cisco:prime_infrastructure:3.0.6:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>prime_infrastructure>>3.0.7
cpe:2.3:a:cisco:prime_infrastructure:3.0.7:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>prime_infrastructure>>3.1
cpe:2.3:a:cisco:prime_infrastructure:3.1:device_pack10:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>prime_infrastructure>>3.1
cpe:2.3:a:cisco:prime_infrastructure:3.1:device_pack11:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>prime_infrastructure>>3.1
cpe:2.3:a:cisco:prime_infrastructure:3.1:device_pack12:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>prime_infrastructure>>3.1
cpe:2.3:a:cisco:prime_infrastructure:3.1:device_pack13:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>prime_infrastructure>>3.1
cpe:2.3:a:cisco:prime_infrastructure:3.1:device_pack14:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>prime_infrastructure>>3.1
cpe:2.3:a:cisco:prime_infrastructure:3.1:device_pack15:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>prime_infrastructure>>3.1
cpe:2.3:a:cisco:prime_infrastructure:3.1:device_pack16:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>prime_infrastructure>>3.1
cpe:2.3:a:cisco:prime_infrastructure:3.1:device_pack4:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>prime_infrastructure>>3.1
cpe:2.3:a:cisco:prime_infrastructure:3.1:device_pack5:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>prime_infrastructure>>3.1
cpe:2.3:a:cisco:prime_infrastructure:3.1:device_pack6:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>prime_infrastructure>>3.1
cpe:2.3:a:cisco:prime_infrastructure:3.1:device_pack7:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>prime_infrastructure>>3.1
cpe:2.3:a:cisco:prime_infrastructure:3.1:device_pack8:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>prime_infrastructure>>3.1
cpe:2.3:a:cisco:prime_infrastructure:3.1:device_pack9:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>prime_infrastructure>>3.1.0
cpe:2.3:a:cisco:prime_infrastructure:3.1.0:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>prime_infrastructure>>3.1.1
cpe:2.3:a:cisco:prime_infrastructure:3.1.1:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-79Primarypsirt@cisco.com
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-epnmpi-sxss-GSScPGY4psirt@cisco.com
Vendor Advisory
Change History
0Changes found
Details not found