PatchSiren cyber security CVE debrief
CVE-2026-20123 Cisco CVE debrief
A vulnerability exists in the web-based management interface of Cisco Evolved Programmable Network Manager (EPNM) and Cisco Prime Infrastructure. This vulnerability could allow an unauthenticated, remote attacker to redirect a user to a malicious web page. The vulnerability is caused by improper input validation of parameters in HTTP requests. An attacker could exploit this by intercepting and modifying user HTTP requests. Successful exploitation could result in redirection to a malicious web page.
- Vendor
- Cisco
- Product
- Prime Infrastructure
- CVSS
- MEDIUM 4.3
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-02-04
- Original CVE updated
- 2026-06-29
- Advisory published
- 2026-02-04
- Advisory updated
- 2026-06-29
Who should care
Organizations using Cisco Evolved Programmable Network Manager (EPNM) and Cisco Prime Infrastructure should be aware of this vulnerability. Specifically, those with EPNM versions prior to 8.1.1 and Prime Infrastructure versions prior to 3.10.6, or 3.10.6 with security update 01, are potentially affected. IT teams responsible for network management and security in these environments should assess and mitigate this risk.
Technical summary
The vulnerability, CVE-2026-20123, is due to improper input validation in the web-based management interface of Cisco EPNM and Prime Infrastructure. This allows an unauthenticated, remote attacker to redirect users to malicious web pages by intercepting and modifying HTTP requests. The Common Vulnerability Scoring System (CVSS) score for this vulnerability is 4.3, indicating a medium severity level. The CVSS vector is CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N, reflecting the attack vector, complexity, privileges required, user interaction, scope, confidentiality, integrity, and availability impacts.
Defensive priority
Apply patches or updates provided by Cisco to address the vulnerability in EPNM and Prime Infrastructure. Ensure that EPNM is updated to version 8.1.1 or later, and Prime Infrastructure is updated to version 3.10.6 or later, or apply security updates as recommended by Cisco.
Recommended defensive actions
- Inventory affected systems and apply Cisco patches or updates.
- Implement network segmentation to limit the spread of potential attacks.
- Monitor network traffic for suspicious redirection attempts.
- Educate users about the risks of clicking on links from untrusted sources.
- Consider implementing additional security measures such as web application firewalls.
Evidence notes
The CVE-2026-20123 vulnerability details were obtained from the National Vulnerability Database (NVD) and Cisco's security advisory. The vulnerability affects Cisco Evolved Programmable Network Manager (EPNM) and Prime Infrastructure. Cisco has provided a security advisory (cisco-sa-epnm-pi-redirect-6sX82dN) with mitigation and patch information.
Official resources
-
CVE-2026-20123 CVE record
CVE.org
-
CVE-2026-20123 NVD detail
NVD
-
Source item URL
nvd_modified
-
Mitigation or vendor reference
[email protected] - Vendor Advisory
This article is AI-assisted and based on the supplied source corpus.