VYPR

Prime Network Registrar

by Cisco Systems, Inc.

CVEs (9)

  • CVE-2023-44487HigKEVOct 10, 2023
    risk 0.65cvss 7.5epss 1.00

    The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.

  • CVE-2019-1840HigApr 18, 2019
    risk 0.56cvss 8.6epss 0.02

    A vulnerability in the DHCPv6 input packet processor of Cisco Prime Network Registrar could allow an unauthenticated, remote attacker to restart the server and cause a denial of service (DoS) condition on the affected system. The vulnerability is due to incomplete user-supplied…

  • CVE-2020-3272HigMay 22, 2020
    risk 0.49cvss 7.5epss 0.02

    A vulnerability in the DHCP server of Cisco Prime Network Registrar could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to insufficient input validation of incoming DHCP traffic. An attacker…

  • CVE-2016-1427HigJun 18, 2016
    risk 0.49cvss 7.5epss 0.02

    The System Configuration Protocol (SCP) core messaging interface in Cisco Prime Network Registrar 8.2 before 8.2.3.1 and 8.3 before 8.3.2 allows remote attackers to obtain sensitive information via crafted SCP messages, aka Bug ID CSCuv35694.

  • CVE-2020-3148HigMar 4, 2020
    risk 0.46cvss 7.1epss 0.01

    A vulnerability in the web-based interface of Cisco Prime Network Registrar (CPNR) could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an affected system. The vulnerability is due to insufficient CSRF protections in the…

  • CVE-2019-1852MedMay 3, 2019
    risk 0.40cvss 6.1epss 0.01

    A vulnerability in the web-based management interface of Cisco Prime Network Registrar could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based interface. The vulnerability is due to insufficient validation of…

  • CVE-2017-6613MedApr 20, 2017
    risk 0.38cvss 5.8epss 0.02

    A vulnerability in the DNS input packet processor for Cisco Prime Network Registrar could allow an unauthenticated, remote attacker to cause the DNS process to momentarily restart, which could lead to a partial denial of service (DoS) condition on the affected system. The…

  • CVE-2015-6296Sep 18, 2015
    risk 0.00cvss epss 0.00

    Cisco Prime Network Registrar (CPNR) 8.1(3.3), 8.2(3), and 8.3(2) has a default account, which allows local users to obtain root access by leveraging knowledge of the credentials, aka Bug ID CSCuw21825.

  • CVE-2013-3394Nov 27, 2013
    risk 0.00cvss epss 0.01

    Cross-site scripting (XSS) vulnerability in the web interface in Cisco Prime Network Registrar 8.1 and earlier allows remote attackers to inject arbitrary web script or HTML via a crafted field, aka Bug ID CSCuh41429.