THREATOPS
THREAT OPSThreat News › Cisco Prime Infrastructure Information Disclosure Vulnerability

Cisco Prime Infrastructure Information Disclosure Vulnerability

lowcisco_psirtPublished 2026-05-06

<p>A vulnerability in the log file download functionality of Cisco Prime Infrastructure could allow an&nbsp;authenticated, remote attacker to download arbitrary log files from the server.</p> <p>This vulnerability is due to insufficient authorization checks on the download service API. An attacker could exploit this vulnerability by submitting a crafted URL request to an affected device. A success

MITRE ATT&CK techniques

Indicators of compromise

Original source: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-pi-unauth-infodiscl-LFnLgmey?vs_f=Cisco%20Security%20Advisory%26vs_cat=Security%20Intelligence%26vs_type=RSS%26vs_p=Cisco%20Prime%20Infrastructure%20Information%20Disclosure%20Vulnerability%26vs_k=1