Lucene search
K

9 matches found

Information Security Automation
Information Security Automation
added 2022/10/21 8:10 p.m.161 views

Joint Advisory AA22-279A and Vulristics

Hello everyone! This episode will be about the new hot twenty vulnerabilities from CISA, NSA and FBI, Joint cybersecurity advisory CSA AA22-279A, and how I analyzed these vulnerabilities using my open source project Vulristics. Alternative video link for Russia: Americans cant just release a list...

10CVSS1.1AI score0.99999EPSS
Exploits973
Check Point Advisories
Check Point Advisories
added 2022/06/16 12:0 a.m.9 views

Cisco HyperFlex HX Command Injection (CVE-2021-1497)

A command injection vulnerability exists in Cisco HyperFlex HX. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...

4.4AI score0.99928EPSS
Exploits5
Check Point Advisories
Check Point Advisories
added 2021/06/20 12:0 a.m.15 views

Cisco HyperFlex HX Command Injection (CVE-2021-1498; CVE-2021-1497)

A remote command execution vulnerability exists in Cisco Hyperflex. The vulnerability is due to improper input sanitization...

10CVSS2.5AI score0.99999EPSS
Exploits6
Metasploit
Metasploit
added 2021/06/04 5:42 p.m.123 views

Cisco HyperFlex HX Data Platform Command Execution

This module exploits an unauthenticated command injection in Cisco HyperFlex HX Data Platform's /storfs-asup endpoint to execute shell commands as the Tomcat user. Module Options msf use exploit/linux/http/ciscohyperflexhxdataplatformcmdexec msf exploitciscohyperflexhxdataplatformcmdexec show...

10CVSS9.9AI score0.99999EPSS
Exploits6
Tenable Nessus
Tenable Nessus
added 2021/05/13 12:0 a.m.127 views

Cisco HyperFlex HX Command Injection Vulnerabilities (cisco-sa-hyperflex-rce-TjjNrkpR)

The version of Cisco HyperFlex HX installed on the remote host is affected by multiple command injection vulnerabilities. An unauthenticated, remote attacker can exploit these to execute arbitrary commands on an affected system. Note that Nessus has not tested for this issue but has instead relie...

10CVSS9.2AI score0.99999EPSS
Exploits6References6
Circl
Circl
added 2021/05/06 1:51 p.m.26 views

CVE-2021-1497

creationtimestamp| type| source ---|---|--- 2021-05-06 13:51:34+00:00| seen| https://t.me/ptswarm/34 2021-05-07 11:58:58+00:00| seen| https://t.me/icscert/431 2021-06-03 21:31:54+00:00| seen|...

10CVSS7.6AI score0.99928EPSS
In wildExploits5References15
CVE
CVE
added 2021/05/06 12:41 p.m.1138 views

CVE-2021-1497

Cisco HyperFlex HX Data Platform (Cisco HyperFlex HX) contains CVE-2021-1497: multiple vulnerabilities in the web-based management interface that allow an unauthenticated remote attacker to perform command injection against the device. Affected product/version per public advisories: Cisco HyperFl...

10CVSS9.9AI score0.99928EPSS
In wildExploits5References3Affected Software1
The Hacker News
The Hacker News
added 2021/05/06 12:30 p.m.115 views

Critical Flaws Hit Cisco SD-WAN vManage and HyperFlex Software

Networking equipment major Cisco has rolled out software updates to address multiple critical vulnerabilities impacting HyperFlex HX and SD-WAN vManage Software that could allow an attacker to perform command injection attacks, execute arbitrary code, and gain access to sensitive information. In ...

10CVSS2.3AI score0.99999EPSS
Exploits6
ATTACKERKB
ATTACKERKB
added 2021/05/05 12:0 a.m.101 views

CVE-2021-1497

Multiple vulnerabilities in the web-based management interface of Cisco HyperFlex HX could allow an unauthenticated, remote attacker to perform command injection attacks against an affected device. For more information about these vulnerabilities, see the Details section of this advisory. Recent...

10CVSS9AI score0.99999EPSS
In wildExploits11References3
Rows per page
Query Builder