Cisco EPN Manager Information Disclosure Vulnerability
Summary
CERT-Bund issued a security advisory (WID-SEC-2026-0951) regarding a high-severity vulnerability (CVSS 8.0) in Cisco Evolved Programmable Network Manager versions prior to 8.1.2. The vulnerability allows authenticated remote attackers to exploit an information disclosure flaw. Organizations using affected versions should apply available mitigations.
What changed
CERT-Bund published a security advisory identifying a high-severity information disclosure vulnerability in Cisco Evolved Programmable Network Manager. The flaw carries a CVSS Base Score of 8.0 (high) and a Temporal Score of 7.0, and is exploitable remotely by authenticated attackers. Affected versions are those prior to version 8.1.2.
Organizations using Cisco EPN Manager should immediately identify whether they are running affected versions (below 8.1.2) and apply available mitigations as indicated in the advisory. While this is an informational notice rather than a binding regulatory action, the high CVSS score indicates significant risk requiring prompt attention from IT security teams.
What to do next
- Identify whether Cisco EPN Manager versions below 8.1.2 are deployed in your environment
- Apply available patches or mitigations to affected systems
- Review vendor guidance for workaround procedures if immediate patching is not feasible
Source document (simplified)
[WID-SEC-2026-0951] Cisco Evolved Programmable Network Manager: Schwachstelle ermöglicht Offenlegung von Informationen CVSS Base Score 8.0 (hoch) CVSS Temporal Score 7.0 (hoch) Remoteangriff ja Datum 01.04.2026 Stand 02.04.2026 Mitigation ja
Betroffene Systeme
Betriebssystem
- Sonstiges
Produktbeschreibung
Der Cisco Evolved Programmable Network (EPN) Manager ist eine All-in-One-Managementlösung für die Konvergenz von paketorientierten und optischen Netzwerken.
Produkte
01.04.2026
- Cisco Evolved Programmable Network Manager <8.1.2
Angriff
Angriff
Ein entfernter, authentisierter Angreifer kann eine Schwachstelle in Cisco Evolved Programmable Network Manager ausnutzen, um Informationen offenzulegen. CVE Informationen Versionshistorie Feedback zum Advisory geben
Related changes
Source
Classification
Who this affects
Taxonomy
Browse Categories
Get Data Privacy & Cybersecurity alerts
Weekly digest. AI-summarized, no noise.
Free. Unsubscribe anytime.
Get alerts for this source
We'll email you when CERT-Bund Security Advisories publishes new changes.