9 matches found
Joint Advisory AA22-279A and Vulristics
Hello everyone! This episode will be about the new hot twenty vulnerabilities from CISA, NSA and FBI, Joint cybersecurity advisory CSA AA22-279A, and how I analyzed these vulnerabilities using my open source project Vulristics. Alternative video link for Russia: Americans cant just release a list...
Cisco HyperFlex HX Command Injection (CVE-2021-1497)
A command injection vulnerability exists in Cisco HyperFlex HX. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...
Cisco HyperFlex HX Command Injection (CVE-2021-1498; CVE-2021-1497)
A remote command execution vulnerability exists in Cisco Hyperflex. The vulnerability is due to improper input sanitization...
Cisco HyperFlex HX Data Platform Command Execution
This module exploits an unauthenticated command injection in Cisco HyperFlex HX Data Platform's /storfs-asup endpoint to execute shell commands as the Tomcat user. Module Options msf use exploit/linux/http/ciscohyperflexhxdataplatformcmdexec msf exploitciscohyperflexhxdataplatformcmdexec show...
Cisco HyperFlex HX Command Injection Vulnerabilities (cisco-sa-hyperflex-rce-TjjNrkpR)
The version of Cisco HyperFlex HX installed on the remote host is affected by multiple command injection vulnerabilities. An unauthenticated, remote attacker can exploit these to execute arbitrary commands on an affected system. Note that Nessus has not tested for this issue but has instead relie...
CVE-2021-1497
creationtimestamp| type| source ---|---|--- 2021-05-06 13:51:34+00:00| seen| https://t.me/ptswarm/34 2021-05-07 11:58:58+00:00| seen| https://t.me/icscert/431 2021-06-03 21:31:54+00:00| seen|...
CVE-2021-1497
Cisco HyperFlex HX Data Platform (Cisco HyperFlex HX) contains CVE-2021-1497: multiple vulnerabilities in the web-based management interface that allow an unauthenticated remote attacker to perform command injection against the device. Affected product/version per public advisories: Cisco HyperFl...
Critical Flaws Hit Cisco SD-WAN vManage and HyperFlex Software
Networking equipment major Cisco has rolled out software updates to address multiple critical vulnerabilities impacting HyperFlex HX and SD-WAN vManage Software that could allow an attacker to perform command injection attacks, execute arbitrary code, and gain access to sensitive information. In ...
CVE-2021-1497
Multiple vulnerabilities in the web-based management interface of Cisco HyperFlex HX could allow an unauthenticated, remote attacker to perform command injection attacks against an affected device. For more information about these vulnerabilities, see the Details section of this advisory. Recent...