162 matches found
CVE-2021-1499 Cisco HyperFlex HX Data Platform File Upload Vulnerability
A vulnerability in the web-based management interface of Cisco HyperFlex HX Data Platform could allow an unauthenticated, remote attacker to upload files to an affected device. This vulnerability is due to missing authentication for the upload function. An attacker could exploit this vulnerabilit...
CVE-2021-1499
Cisco HyperFlex HX Data Platform is affected by an unauthenticated arbitrary file upload vulnerability in the web-based management interface. The issue arises from missing authentication on the /upload endpoint, allowing an attacker to upload files with the permissions of the Tomcat user (tomcat8...
Apache Unomi Injection Vulnerability
Apache Unomi is the United States Apache Software Apache Foundation's set of open source customer data platform. The platform is mainly written in Java language. An injection vulnerability exists in Apache Unomi versions prior to 1.5.5. The vulnerability stems from the failure of a networked syst...
Cisco HyperFlex HX Data Platform 操作系统命令注入漏洞
Cisco HyperFlex HX Data Platform is a network appliance from Cisco USA. It provides enterprise-class agility, scalability, security, and lifecycle management capabilities. The Cisco HyperFlex HX Data Platform suffers from an operating system command injection vulnerability that could allow an...
Cisco HyperFlex HX Data Platform 操作系统命令注入漏洞
Cisco HyperFlex HX Data Platform is a network appliance from Cisco USA. It provides enterprise-class agility, scalability, security, and lifecycle management capabilities. The Cisco HyperFlex HX Data Platform suffers from an operating system command injection vulnerability that could allow an...
Cisco HyperFlex HX Data Platform File Upload Vulnerability
A vulnerability in the web-based management interface of Cisco HyperFlex HX Data Platform could allow an unauthenticated, remote attacker to upload files to an affected device. This vulnerability is due to missing authentication for the upload function. An attacker could exploit this vulnerabilit...
CVE-2021-1499
A vulnerability in the web-based management interface of Cisco HyperFlex HX Data Platform could allow an unauthenticated, remote attacker to upload files to an affected device. This vulnerability is due to missing authentication for the upload function. An attacker could exploit this vulnerabilit...
CVE-2021-28124
A man-in-the-middle vulnerability in Cohesity DataPlatform support channel in version 6.3 up to 6.3.1g, 6.4 up to 6.4.1c and 6.5.1 through 6.5.1b. Missing server authentication in impacted versions can allow an attacker to Man-in-the-middle MITM support channel UI session to Cohesity DataPlatform...
Cisco Hyperflex HX-Series Software Weak Storage (cisco-sa-HYP-WSV-yT3j5hSB)
According to its self-reported version, Cisco HyperFlex HX Data Platform is affected by a vulnerability in the installation component because sensitive information is stored as clear text. An authenticated, local attacker can exploit this, by authenticating to an affected device and navigating to...
Genius Bytes Genius Server BPM Component Code Injection Vulnerability
Genius Bytes Genius Server is a data platform for connecting IT infrastructure components from Genius Bytes Germany, of which BPM is a business process management component. A security vulnerability exists in the BPM component of Genius Bytes Genius Server Genius CDDS version 3.2.2. A remote...
How to Merge Veeam Data Platform Licenses
Purpose This article documents the process for merging and unmerging licenses for Veeam Data Platform. Notes: Veeam Backup & Replication - Merging licenses for Veeam Backup & Replication can either be done in the application by combining a socket and an instance license or through the Veeam My...
ESXi firewall changes required to process a Veeam backup from storage snapshot with Cisco HyperFlex IOvisor
Challenge To process a Veeam backup from storage snapshot with Cisco HyperFlex IOvisor, adjustments may have to be to the ESXi firewall settings. The process outlined below applies to all HyperFlex clusters running HX Data Platform 3.0 or later. Solution Before you add the HyperFlex Cluster into...
Cisco HyperFlex HX Data Platform Software Sensitive Information Disclosure Vulnerability
Cisco HyperFlex HX Data Platform Software is a scalable distributed file system from Cisco USA. The system provides unified compute, storage and networking through cloud management, providing enterprise-class data management and optimization services. An input validation vulnerability exists in t...
CVE-2018-15429
A vulnerability in the web-based UI of Cisco HyperFlex HX Data Platform Software could allow an unauthenticated, remote attacker to access sensitive information on an affected system. The vulnerability is due to a lack of proper input and authorization of HTTP requests. An attacker could exploit...
CVE-2018-15429
A vulnerability in the web-based UI of Cisco HyperFlex HX Data Platform Software could allow an unauthenticated, remote attacker to access sensitive information on an affected system. The vulnerability is due to a lack of proper input and authorization of HTTP requests. An attacker could exploit...
Authorization
A vulnerability in the web-based UI of Cisco HyperFlex HX Data Platform Software could allow an unauthenticated, remote attacker to access sensitive information on an affected system. The vulnerability is due to a lack of proper input and authorization of HTTP requests. An attacker could exploit...
CVE-2018-15429 Cisco HyperFlex HX Data Platform Software Unauthorized Directory Access Vulnerability
A vulnerability in the web-based UI of Cisco HyperFlex HX Data Platform Software could allow an unauthenticated, remote attacker to access sensitive information on an affected system. The vulnerability is due to a lack of proper input and authorization of HTTP requests. An attacker could exploit...
CVE-2018-15429
The CVE-2018-15429 issue affects Cisco HyperFlex HX Data Platform Software and stems from improper input validation and lack of proper authorization in the web-based UI. An unauthenticated, remote attacker could exploit via malicious HTTP requests to access files containing sensitive data (partia...
CVE-2018-15429 Cisco HyperFlex HX Data Platform Software Unauthorized Directory Access Vulnerability
A vulnerability in the web-based UI of Cisco HyperFlex HX Data Platform Software could allow an unauthenticated, remote attacker to access sensitive information on an affected system. The vulnerability is due to a lack of proper input and authorization of HTTP requests. An attacker could exploit...
Cisco HyperFlex HX Data Platform Software Unauthorized Directory Access Vulnerability
A vulnerability in the web-based UI of Cisco HyperFlex HX Data Platform Software could allow an unauthenticated, remote attacker to access sensitive information on an affected system. The vulnerability is due to a lack of proper input and authorization of HTTP requests. An attacker could exploit...