Medium severity5.4NVD Advisory· Published Jul 4, 2017· Updated May 13, 2026

CVE-2017-6698

Description

A vulnerability in the Cisco Prime Infrastructure (PI) and Evolved Programmable Network Manager (EPNM) SQL database interface could allow an authenticated, remote attacker to impact the confidentiality and integrity of the application by executing arbitrary SQL queries, aka SQL Injection. More Information: CSCvc23892 CSCvc35270 CSCvc35626 CSCvc35630 CSCvc49568. Known Affected Releases: 3.1(1) 2.0(4.0.45B).

Affected products

Cisco Systems, Inc./Prime Infrastructure2 versions
cpe:2.3:a:cisco:prime_infrastructure:2.0\(4.0.45b\):*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:cisco:prime_infrastructure:2.0\(4.0.45b\):*:*:*:*:*:*:*
- cpe:2.3:a:cisco:prime_infrastructure:3.1\(1\):*:*:*:*:*:*:*
N/a/Cisco Prime Infrastructure And Evolved Programmable Network Managerv5
Range: Cisco Prime Infrastructure and Evolved Programmable Network Manager

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.securityfocus.com/bid/99214nvdThird Party AdvisoryVDB Entry
www.securitytracker.com/id/1038751nvdThird Party AdvisoryVDB Entry
tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170621-piepnm2nvdVendor Advisory

News mentions

No linked articles in our index yet.

cvss	0.351
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000