Prime infrastructure

This hub aggregates every CVE we track for Prime infrastructure, a product in the networking infrastructure space. Use it to gauge the current risk picture and drill into individual advisories.

Severity distribution

Monthly trend

The 15 most recently published vulnerabilities affecting Prime infrastructure.

• CVE-2026-20075Cisco Evolved Programmable Network Manager and Cisco Prime Infrastructure Stored Cross-Site Scripting Vulnerability4.8Jan 15, 2026
• CVE-2025-20280Cisco Evolved Programmable Network Manager and Cisco Prime Infrastructure Stored Cross-Site Scripting Vulnerability4.8Sep 3, 2025
• CVE-2025-20270Cisco Evolved Programmable Network Manager Information Disclosure Vulnerability4.3Sep 3, 2025
• CVE-2025-20269Cisco Evolved Programmable Network Manager and Prime Infrastructure Arbitrary File Download Vulnerability6.5Aug 20, 2025
• CVE-2025-20272Cisco Evolved Programmable Network Manager and Cisco Prime Infrastructure Blind SQL Injection Vulnerability4.3Jul 16, 2025
• CVE-2025-20203A vulnerability in the web-based management interface of Cisco Evolved Programmable Network Manager (EPNM) and Cisco Prime Infrastructure could allow an authenticated, remote attacker to conduct a ...4.8Apr 2, 2025
• CVE-2025-20120A vulnerability in the web-based management interface of Cisco Evolved Programmable Network Manager (EPNM) and Cisco Prime Infrastructure could allow an unauthenticated, remote attacker to conduct ...6.1Apr 2, 2025
• CVE-2022-20657Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager Cross-Site Scripting Vulnerability6.1Nov 15, 2024
• CVE-2022-20656Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager Path Traversal Vulnerability6.5Nov 15, 2024
• CVE-2024-20514Cisco Evolved Programmable Network Manager and Cisco Prime Infrastructure Stored Cross-Site Scripting Vulnerability5.4Nov 6, 2024
• CVE-2023-20260A vulnerability in the application CLI of Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager could allow an authenticated, local attacker to gain escalated privileges. This v...6.0Jan 17, 2024
• CVE-2023-20258A vulnerability in the web-based management interface of Cisco Prime Infrastructure could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system. T...6.5Jan 17, 2024
• CVE-2023-20271A vulnerability in the web-based management interface of Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager (EPNM) could allow an authenticated, remote attacker to conduct SQ...6.5Jan 17, 2024
• CVE-2023-20257A vulnerability in the web-based management interface of Cisco Prime Infrastructure could allow an authenticated, remote attacker to conduct cross-site scripting attacks. This vulnerability is due ...4.8Jan 17, 2024
• CVE-2023-44487The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.KEV7.5Oct 10, 2023