CVE-2025-20120

EPSS 0.02%
Published 02.04.2025 17:15:42
Last modified 06.08.2025 15:25:47
Source psirt@cisco.com
Teams watchlist Login
Open Login

A vulnerability in the web-based management interface of Cisco Evolved Programmable Network Manager (EPNM) and Cisco Prime Infrastructure could allow an unauthenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface on an affected device.

 This vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of an affected system. An attacker could exploit this vulnerability by injecting malicious code into specific pages of the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information.

Affected products Warnungen 0 Metrics 2 CWE 1 References 4

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

This information is available to logged-in users.

Data is provided by the National Vulnerability Database (NVD)

Cisco ≫ Prime Infrastructure Version2.0.0

Cisco ≫ Prime Infrastructure Version2.0.10

Cisco ≫ Prime Infrastructure Version2.0.39

Cisco ≫ Prime Infrastructure Version2.1

Cisco ≫ Prime Infrastructure Version2.1.0

Cisco ≫ Prime Infrastructure Version2.1.1

Cisco ≫ Prime Infrastructure Version2.1.2

Cisco ≫ Prime Infrastructure Version2.1.56

Cisco ≫ Prime Infrastructure Version2.2

Cisco ≫ Prime Infrastructure Version2.2.0

Cisco ≫ Prime Infrastructure Version2.2.1 Update-

Cisco ≫ Prime Infrastructure Version2.2.1 Updateupdate01

Cisco ≫ Prime Infrastructure Version2.2.2 Update-

Cisco ≫ Prime Infrastructure Version2.2.2 Updateupdate03

Cisco ≫ Prime Infrastructure Version2.2.2 Updateupdate04

Cisco ≫ Prime Infrastructure Version2.2.3 Update-

Cisco ≫ Prime Infrastructure Version2.2.3 Updateupdate02

Cisco ≫ Prime Infrastructure Version2.2.3 Updateupdate03

Cisco ≫ Prime Infrastructure Version2.2.3 Updateupdate04

Cisco ≫ Prime Infrastructure Version2.2.3 Updateupdate05

Cisco ≫ Prime Infrastructure Version2.2.3 Updateupdate06

Cisco ≫ Prime Infrastructure Version2.2.4

Cisco ≫ Prime Infrastructure Version2.2.5

Cisco ≫ Prime Infrastructure Version2.2.7

Cisco ≫ Prime Infrastructure Version2.2.8

Cisco ≫ Prime Infrastructure Version2.2.9

Cisco ≫ Prime Infrastructure Version2.2.10

Cisco ≫ Prime Infrastructure Version3.0.0

Cisco ≫ Prime Infrastructure Version3.0.1

Cisco ≫ Prime Infrastructure Version3.0.2

Cisco ≫ Prime Infrastructure Version3.0.3

Cisco ≫ Prime Infrastructure Version3.0.4

Cisco ≫ Prime Infrastructure Version3.0.5

Cisco ≫ Prime Infrastructure Version3.0.6

Cisco ≫ Prime Infrastructure Version3.0.7

Cisco ≫ Prime Infrastructure Version3.1 Updatedevice_pack10

Cisco ≫ Prime Infrastructure Version3.1 Updatedevice_pack11

Cisco ≫ Prime Infrastructure Version3.1 Updatedevice_pack12

Cisco ≫ Prime Infrastructure Version3.1 Updatedevice_pack13

Cisco ≫ Prime Infrastructure Version3.1 Updatedevice_pack14

Cisco ≫ Prime Infrastructure Version3.1 Updatedevice_pack15

Cisco ≫ Prime Infrastructure Version3.1 Updatedevice_pack16

Cisco ≫ Prime Infrastructure Version3.1 Updatedevice_pack4

Cisco ≫ Prime Infrastructure Version3.1 Updatedevice_pack5

Cisco ≫ Prime Infrastructure Version3.1 Updatedevice_pack6

Cisco ≫ Prime Infrastructure Version3.1 Updatedevice_pack7

Cisco ≫ Prime Infrastructure Version3.1 Updatedevice_pack8

Cisco ≫ Prime Infrastructure Version3.1 Updatedevice_pack9

Cisco ≫ Prime Infrastructure Version3.1.0

Cisco ≫ Prime Infrastructure Version3.1.1

Cisco ≫ Prime Infrastructure Version3.1.2

Cisco ≫ Prime Infrastructure Version3.1.3

Cisco ≫ Prime Infrastructure Version3.1.4

Cisco ≫ Prime Infrastructure Version3.1.5

Cisco ≫ Prime Infrastructure Version3.1.6

Cisco ≫ Prime Infrastructure Version3.1.7

Cisco ≫ Prime Infrastructure Version3.2

Cisco ≫ Prime Infrastructure Version3.2 Updatedevice_pack1

Cisco ≫ Prime Infrastructure Version3.2 Updatedevice_pack2

Cisco ≫ Prime Infrastructure Version3.2 Updatedevice_pack3

Cisco ≫ Prime Infrastructure Version3.2 Updatedevice_pack4

Cisco ≫ Prime Infrastructure Version3.2.0-fips

Cisco ≫ Prime Infrastructure Version3.2.1

Cisco ≫ Prime Infrastructure Version3.2.2

Cisco ≫ Prime Infrastructure Version3.3 Updatedevice_pack1

Cisco ≫ Prime Infrastructure Version3.3 Updatedevice_pack2

Cisco ≫ Prime Infrastructure Version3.3 Updatedevice_pack3

Cisco ≫ Prime Infrastructure Version3.3 Updatedevice_pack4

Cisco ≫ Prime Infrastructure Version3.3.0 Update-

Cisco ≫ Prime Infrastructure Version3.3.0 Updateupdate01

Cisco ≫ Prime Infrastructure Version3.3.1

Cisco ≫ Prime Infrastructure Version3.4 Updatedevice_pack1

Cisco ≫ Prime Infrastructure Version3.4 Updatedevice_pack10

Cisco ≫ Prime Infrastructure Version3.4 Updatedevice_pack11

Cisco ≫ Prime Infrastructure Version3.4 Updatedevice_pack2

Cisco ≫ Prime Infrastructure Version3.4 Updatedevice_pack3

Cisco ≫ Prime Infrastructure Version3.4 Updatedevice_pack4

Cisco ≫ Prime Infrastructure Version3.4 Updatedevice_pack5

Cisco ≫ Prime Infrastructure Version3.4 Updatedevice_pack6

Cisco ≫ Prime Infrastructure Version3.4 Updatedevice_pack7

Cisco ≫ Prime Infrastructure Version3.4 Updatedevice_pack8

Cisco ≫ Prime Infrastructure Version3.4 Updatedevice_pack9

Cisco ≫ Prime Infrastructure Version3.4.0

Cisco ≫ Prime Infrastructure Version3.4.1 Update-

Cisco ≫ Prime Infrastructure Version3.4.1 Updateupdate01

Cisco ≫ Prime Infrastructure Version3.4.1 Updateupdate02

Cisco ≫ Prime Infrastructure Version3.4.2 Update-

Cisco ≫ Prime Infrastructure Version3.4.2 Updateupdate01

Cisco ≫ Prime Infrastructure Version3.5 Updatedevice_pack1

Cisco ≫ Prime Infrastructure Version3.5 Updatedevice_pack2

Cisco ≫ Prime Infrastructure Version3.5 Updatedevice_pack3

Cisco ≫ Prime Infrastructure Version3.5 Updatedevice_pack4

Cisco ≫ Prime Infrastructure Version3.5.0 Update-

Cisco ≫ Prime Infrastructure Version3.5.0 Updateupdate01

Cisco ≫ Prime Infrastructure Version3.5.0 Updateupdate02

Cisco ≫ Prime Infrastructure Version3.5.0 Updateupdate03

Cisco ≫ Prime Infrastructure Version3.5.1 Update-

Cisco ≫ Prime Infrastructure Version3.5.1 Updateupdate01

Cisco ≫ Prime Infrastructure Version3.5.1 Updateupdate02

Cisco ≫ Prime Infrastructure Version3.5.1 Updateupdate03

Cisco ≫ Prime Infrastructure Version3.6 Updatedevice_pack1*

Cisco ≫ Prime Infrastructure Version3.6.0 Update-

Cisco ≫ Prime Infrastructure Version3.6.0 Updateupdate01

Cisco ≫ Prime Infrastructure Version3.6.0 Updateupdate02

Cisco ≫ Prime Infrastructure Version3.6.0 Updateupdate03

Cisco ≫ Prime Infrastructure Version3.6.0 Updateupdate04

Cisco ≫ Prime Infrastructure Version3.7 Updatedevice_pack1

Cisco ≫ Prime Infrastructure Version3.7 Updatedevice_pack2

Cisco ≫ Prime Infrastructure Version3.7.0 Update-

Cisco ≫ Prime Infrastructure Version3.7.0 Updateupdate03

Cisco ≫ Prime Infrastructure Version3.7.1 Update-

Cisco ≫ Prime Infrastructure Version3.7.1 Updateupdate01

Cisco ≫ Prime Infrastructure Version3.7.1 Updateupdate02

Cisco ≫ Prime Infrastructure Version3.7.1 Updateupdate03

Cisco ≫ Prime Infrastructure Version3.7.1 Updateupdate04

Cisco ≫ Prime Infrastructure Version3.7.1 Updateupdate05

Cisco ≫ Prime Infrastructure Version3.7.1 Updateupdate06

Cisco ≫ Prime Infrastructure Version3.7.1 Updateupdate07

Cisco ≫ Prime Infrastructure Version3.8 Updatedevice_pack1

Cisco ≫ Prime Infrastructure Version3.8.0 Update-

Cisco ≫ Prime Infrastructure Version3.8.0 Updateupdate01

Cisco ≫ Prime Infrastructure Version3.8.0 Updateupdate02

Cisco ≫ Prime Infrastructure Version3.8.1 Update-

Cisco ≫ Prime Infrastructure Version3.8.1 Updateupdate01

Cisco ≫ Prime Infrastructure Version3.8.1 Updateupdate02

Cisco ≫ Prime Infrastructure Version3.8.1 Updateupdate03

Cisco ≫ Prime Infrastructure Version3.8.1 Updateupdate04

Cisco ≫ Prime Infrastructure Version3.9 Updatedevice_pack1

Cisco ≫ Prime Infrastructure Version3.9.0 Update-

Cisco ≫ Prime Infrastructure Version3.9.0 Updateupdate01

Cisco ≫ Prime Infrastructure Version3.9.1 Update-

Cisco ≫ Prime Infrastructure Version3.9.1 Updateupdate01

Cisco ≫ Prime Infrastructure Version3.9.1 Updateupdate02

Cisco ≫ Prime Infrastructure Version3.9.1 Updateupdate03

Cisco ≫ Prime Infrastructure Version3.9.1 Updateupdate04

Cisco ≫ Prime Infrastructure Version3.10 Updatedevice_pack1

Cisco ≫ Prime Infrastructure Version3.10 Updateupdate01

Cisco ≫ Prime Infrastructure Version3.10.0

Cisco ≫ Prime Infrastructure Version3.10.1

Cisco ≫ Prime Infrastructure Version3.10.2

Cisco ≫ Prime Infrastructure Version3.10.3

Cisco ≫ Prime Infrastructure Version3.10.4 Update-

Cisco ≫ Prime Infrastructure Version3.10.4 Updateupdate01

Cisco ≫ Prime Infrastructure Version3.10.4 Updateupdate02

Cisco ≫ Prime Infrastructure Version3.10.4 Updateupdate03

Cisco ≫ Prime Infrastructure Version3.10.5

Cisco ≫ Prime Infrastructure Version3.10.6

Cisco ≫ Evolved Programmable Network Manager Version1.2

Cisco ≫ Evolved Programmable Network Manager Version1.2.1.2

Cisco ≫ Evolved Programmable Network Manager Version1.2.2

Cisco ≫ Evolved Programmable Network Manager Version1.2.2.4

Cisco ≫ Evolved Programmable Network Manager Version1.2.3

Cisco ≫ Evolved Programmable Network Manager Version1.2.4

Cisco ≫ Evolved Programmable Network Manager Version1.2.4.2

Cisco ≫ Evolved Programmable Network Manager Version1.2.5

Cisco ≫ Evolved Programmable Network Manager Version1.2.6

Cisco ≫ Evolved Programmable Network Manager Version1.2.7

Cisco ≫ Evolved Programmable Network Manager Version2.0

Cisco ≫ Evolved Programmable Network Manager Version2.0.1

Cisco ≫ Evolved Programmable Network Manager Version2.0.1.1

Cisco ≫ Evolved Programmable Network Manager Version2.0.2

Cisco ≫ Evolved Programmable Network Manager Version2.0.2.1

Cisco ≫ Evolved Programmable Network Manager Version2.0.3

Cisco ≫ Evolved Programmable Network Manager Version2.0.4

Cisco ≫ Evolved Programmable Network Manager Version2.0.4.1

Cisco ≫ Evolved Programmable Network Manager Version2.0.4.2

Cisco ≫ Evolved Programmable Network Manager Version2.1

Cisco ≫ Evolved Programmable Network Manager Version2.1.1

Cisco ≫ Evolved Programmable Network Manager Version2.1.1.1

Cisco ≫ Evolved Programmable Network Manager Version2.1.1.3

Cisco ≫ Evolved Programmable Network Manager Version2.1.1.4

Cisco ≫ Evolved Programmable Network Manager Version2.1.2

Cisco ≫ Evolved Programmable Network Manager Version2.1.2.2

Cisco ≫ Evolved Programmable Network Manager Version2.1.2.3

Cisco ≫ Evolved Programmable Network Manager Version2.1.3

Cisco ≫ Evolved Programmable Network Manager Version2.1.3.2

Cisco ≫ Evolved Programmable Network Manager Version2.1.3.3

Cisco ≫ Evolved Programmable Network Manager Version2.1.3.4

Cisco ≫ Evolved Programmable Network Manager Version2.1.3.5

Cisco ≫ Evolved Programmable Network Manager Version2.1.4

Cisco ≫ Evolved Programmable Network Manager Version2.2

Cisco ≫ Evolved Programmable Network Manager Version2.2.1

Cisco ≫ Evolved Programmable Network Manager Version2.2.1.1

Cisco ≫ Evolved Programmable Network Manager Version2.2.1.2

Cisco ≫ Evolved Programmable Network Manager Version2.2.1.3

Cisco ≫ Evolved Programmable Network Manager Version2.2.1.4

Cisco ≫ Evolved Programmable Network Manager Version2.2.3

Cisco ≫ Evolved Programmable Network Manager Version2.2.4

Cisco ≫ Evolved Programmable Network Manager Version2.2.5

Cisco ≫ Evolved Programmable Network Manager Version3.0

Cisco ≫ Evolved Programmable Network Manager Version3.0.1

Cisco ≫ Evolved Programmable Network Manager Version3.0.2

Cisco ≫ Evolved Programmable Network Manager Version3.0.3

Cisco ≫ Evolved Programmable Network Manager Version3.1

Cisco ≫ Evolved Programmable Network Manager Version3.1.1

Cisco ≫ Evolved Programmable Network Manager Version3.1.2

Cisco ≫ Evolved Programmable Network Manager Version3.1.3

Cisco ≫ Evolved Programmable Network Manager Version4.0

Cisco ≫ Evolved Programmable Network Manager Version4.0.1

Cisco ≫ Evolved Programmable Network Manager Version4.0.2

Cisco ≫ Evolved Programmable Network Manager Version4.0.3

Cisco ≫ Evolved Programmable Network Manager Version4.0.3.1

Cisco ≫ Evolved Programmable Network Manager Version4.1

Cisco ≫ Evolved Programmable Network Manager Version4.1.1

Cisco ≫ Evolved Programmable Network Manager Version4.1.1.1

Cisco ≫ Evolved Programmable Network Manager Version4.1.1.2

Cisco ≫ Evolved Programmable Network Manager Version5.0

Cisco ≫ Evolved Programmable Network Manager Version5.0.1

Cisco ≫ Evolved Programmable Network Manager Version5.0.2

Cisco ≫ Evolved Programmable Network Manager Version5.0.2.1

Cisco ≫ Evolved Programmable Network Manager Version5.0.2.2

Cisco ≫ Evolved Programmable Network Manager Version5.0.2.3

Cisco ≫ Evolved Programmable Network Manager Version5.0.2.4

Cisco ≫ Evolved Programmable Network Manager Version5.0.2.5

Cisco ≫ Evolved Programmable Network Manager Version5.0.2.6

Cisco ≫ Evolved Programmable Network Manager Version5.1

Cisco ≫ Evolved Programmable Network Manager Version5.1.1

Cisco ≫ Evolved Programmable Network Manager Version5.1.2

Cisco ≫ Evolved Programmable Network Manager Version5.1.3

Cisco ≫ Evolved Programmable Network Manager Version5.1.3.1

Cisco ≫ Evolved Programmable Network Manager Version5.1.3.2

Cisco ≫ Evolved Programmable Network Manager Version5.1.4

Cisco ≫ Evolved Programmable Network Manager Version5.1.4.1

Cisco ≫ Evolved Programmable Network Manager Version5.1.4.2

Cisco ≫ Evolved Programmable Network Manager Version5.1.4.3

Cisco ≫ Evolved Programmable Network Manager Version5.1.4.4

Cisco ≫ Evolved Programmable Network Manager Version6.0.0

Cisco ≫ Evolved Programmable Network Manager Version6.0.1

Cisco ≫ Evolved Programmable Network Manager Version6.0.1.1

Cisco ≫ Evolved Programmable Network Manager Version6.0.2

Cisco ≫ Evolved Programmable Network Manager Version6.0.2.1

Cisco ≫ Evolved Programmable Network Manager Version6.0.3

Cisco ≫ Evolved Programmable Network Manager Version6.0.3.1

Cisco ≫ Evolved Programmable Network Manager Version6.1

Cisco ≫ Evolved Programmable Network Manager Version6.1.1

Cisco ≫ Evolved Programmable Network Manager Version6.1.1.1

Cisco ≫ Evolved Programmable Network Manager Version6.1.1.2.2

Cisco ≫ Evolved Programmable Network Manager Version6.1.2

Cisco ≫ Evolved Programmable Network Manager Version6.1.2.1

Cisco ≫ Evolved Programmable Network Manager Version6.1.2.2

Cisco ≫ Evolved Programmable Network Manager Version7.0.0

Cisco ≫ Evolved Programmable Network Manager Version7.0.1

Cisco ≫ Evolved Programmable Network Manager Version7.0.1.1

Cisco ≫ Evolved Programmable Network Manager Version7.0.1.2

Cisco ≫ Evolved Programmable Network Manager Version7.0.1.3

Cisco ≫ Evolved Programmable Network Manager Version7.1.0

Cisco ≫ Evolved Programmable Network Manager Version7.1.1

Cisco ≫ Evolved Programmable Network Manager Version7.1.2

Cisco ≫ Evolved Programmable Network Manager Version7.1.2.1

Cisco ≫ Evolved Programmable Network Manager Version7.1.3

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.02%	0.025

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
psirt@cisco.com	6.1	2.8	2.7	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-epnmpi-sxss-GSScPGY4

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2025-20120

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2025-20120

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2025-20120

EUVD