CVE-2026-20123
Open Redirect Vulnerability in Cisco EPNM and Prime Interface
Publication date: 2026-02-04
Last updated on: 2026-03-10
Assigner: Cisco Systems, Inc.
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| cisco | prime_infrastructure | 3.10.6 |
| cisco | prime_infrastructure | to 3.9 (inc) |
| cisco | prime_infrastructure | From 3.10 (inc) to 3.10.6 (inc) |
| cisco | evolved_programmable_network_manager | to 8.1.1 (exc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-601 | The web application accepts a user-controlled input that specifies a link to an external site, and uses that link in a redirect. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2026-20123 is an open redirect vulnerability in the web-based management interfaces of Cisco Evolved Programmable Network Manager (EPNM) and Cisco Prime Infrastructure.
It occurs due to improper input validation of parameters in HTTP requests, which allows an unauthenticated, remote attacker to intercept and modify these requests.
By exploiting this flaw, the attacker can redirect users to malicious web pages.
How can this vulnerability impact me? :
This vulnerability can impact you by enabling an attacker to redirect users of the affected Cisco management interfaces to malicious websites.
Such redirection could lead to phishing attacks, malware downloads, or other malicious activities that compromise user security.
The vulnerability requires no privileges and has low attack complexity but does require user interaction.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
I don't know
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability involves improper input validation of HTTP request parameters that can be exploited by intercepting and modifying HTTP requests to redirect users to malicious web pages.
There are no specific detection commands or tools mentioned in the provided resources to identify this vulnerability on your network or system.
What immediate steps should I take to mitigate this vulnerability?
Cisco has released fixed software versions to remediate this vulnerability: Cisco EPNM 8.1.1 and later, and Cisco Prime Infrastructure 3.10.6 and later.
The recommended immediate step is to upgrade affected systems to these fixed software versions.
No workarounds are available, so upgrading is the only effective mitigation.
Ensure to obtain the fixed software through Cisco or authorized partners and verify compatibility with your hardware and software configurations before upgrading.