CVE-2017-6698

CVE Database · CVE-2017-6698

CVE-2017-6698

· N/AModified

CVSS v3.1

N/A

EPSS

0.94%

Published

Jul 3, 2017

Modified

May 12, 2026

Public PoC / Exploit

All weaponized →

No public PoC or exploit code indexed for this CVE.

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

A vulnerability in the Cisco Prime Infrastructure (PI) and Evolved Programmable Network Manager (EPNM) SQL database interface could allow an authenticated, remote attacker to impact the confidentiality and integrity of the application by executing arbitrary SQL queries, aka SQL Injection. More Information: CSCvc23892 CSCvc35270 CSCvc35626 CSCvc35630 CSCvc49568. Known Affected Releases: 3.1(1) 2.0(4.0.45B).

Weaknesses (CWE)

CWE-89

Affected Products (2)

cisco · prime_infrastructurevulnerable

References (6)

http://www.securityfocus.com/bid/99214

Third Party AdvisoryVDB Entry

http://www.securitytracker.com/id/1038751

Third Party AdvisoryVDB Entry

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170621-piepnm2

Vendor Advisory

http://www.securityfocus.com/bid/99214

Third Party AdvisoryVDB Entry

http://www.securitytracker.com/id/1038751

Third Party AdvisoryVDB Entry

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170621-piepnm2

KEV Catalog EPSS Scores Vendors All CVEs