PT-2021-3789 · Cisco · Cisco Epnm

Published

2021-08-04

Updated

2021-08-11

CVE-2021-34707

CVSS v2.0

7.8

High

Vector

AV:N/AC:L/Au:N/C:C/I:N/A:N

Name of the Vulnerable Software and Affected Versions Cisco Evolved Programmable Network Manager (EPNM) (affected versions not specified)

Description A vulnerability in the REST API of Cisco Evolved Programmable Network Manager (EPNM) could allow an authenticated, remote attacker to access sensitive data on an affected system. This issue exists because the application does not sufficiently protect sensitive data when responding to an API request. An attacker could exploit this by sending a specific API request to the affected application, potentially obtaining sensitive information about the application.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Information Disclosure

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-200

Related Identifiers

BDU:2021-04064

CVE-2021-34707

Affected Products

Cisco Epnm

PT-2021-3789 · Cisco · Cisco Epnm

CVE-2021-34707

Weakness Enumeration

Related Identifiers

Affected Products

References · 6