SQL Injection Vulnerability in Cisco Prime Infrastructure and Evolved Programmable Network Manager

SQL Injection Vulnerability in Cisco Prime Infrastructure and Evolved Programmable Network Manager

CVE-2016-6443 · MEDIUM Severity

AV:N/AC:L/AU:S/C:P/I:P/A:P

A vulnerability in the Cisco Prime Infrastructure and Evolved Programmable Network Manager SQL database interface could allow an authenticated, remote attacker to impact system confidentiality by executing a subset of arbitrary SQL queries that can cause product instability. More Information: CSCva27038, CSCva28335. Known Affected Releases: 3.1(0.128), 1.2(400), 2.0(1.0.34A).

Learn more about our Cis Benchmark Audit For Cisco.