Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

225 matches found

Vulnrichment
Vulnrichmentadded 2019/02/21 8:0 p.m.13 views

CVE-2019-1667 Cisco HyperFlex Arbitrary Statistics Write Vulnerability

A vulnerability in the Graphite interface of Cisco HyperFlex software could allow an authenticated, local attacker to write arbitrary data to the Graphite interface. The vulnerability is due to insufficient authorization controls. An attacker could exploit this vulnerability by connecting to the...

4CVSS6.7AI score0.00028EPSS
Exploits0References2
NVD
NVDadded 2019/02/21 7:29 p.m.13 views

CVE-2019-1667

A vulnerability in the Graphite interface of Cisco HyperFlex software could allow an authenticated, local attacker to write arbitrary data to the Graphite interface. The vulnerability is due to insufficient authorization controls. An attacker could exploit this vulnerability by connecting to the...

4CVSS4.1AI score0.00028EPSS
Exploits0References2
Prion
Prionadded 2019/02/21 7:29 p.m.15 views

Authorization

A vulnerability in the Graphite interface of Cisco HyperFlex software could allow an authenticated, local attacker to write arbitrary data to the Graphite interface. The vulnerability is due to insufficient authorization controls. An attacker could exploit this vulnerability by connecting to the...

2.1CVSS4.2AI score0.00028EPSS
Exploits0References2Affected Software1
NVD
NVDadded 2019/02/21 7:29 p.m.15 views

CVE-2019-1666

A vulnerability in the Graphite service of Cisco HyperFlex software could allow an unauthenticated, remote attacker to retrieve data from the Graphite service. The vulnerability is due to insufficient authentication controls. An attacker could exploit this vulnerability by sending crafted request...

5.3CVSS5.4AI score0.01589EPSS
Exploits0References2
Prion
Prionadded 2019/02/21 7:29 p.m.14 views

Authentication flaw

A vulnerability in the Graphite service of Cisco HyperFlex software could allow an unauthenticated, remote attacker to retrieve data from the Graphite service. The vulnerability is due to insufficient authentication controls. An attacker could exploit this vulnerability by sending crafted request...

5CVSS5.4AI score0.01589EPSS
Exploits0References2Affected Software1
OSV
OSVadded 2019/02/21 7:29 p.m.0 views

CVE-2019-1664

A vulnerability in the hxterm service of Cisco HyperFlex Software could allow an unauthenticated, local attacker to gain root access to all nodes in the cluster. The vulnerability is due to insufficient authentication controls. An attacker could exploit this vulnerability by connecting to the...

7.8CVSS7.1AI score0.00398EPSS
Exploits0References2
OSV
OSVadded 2019/02/21 7:29 p.m.1 views

CVE-2019-1666

A vulnerability in the Graphite service of Cisco HyperFlex software could allow an unauthenticated, remote attacker to retrieve data from the Graphite service. The vulnerability is due to insufficient authentication controls. An attacker could exploit this vulnerability by sending crafted request...

5.3CVSS6.1AI score
Exploits0References2
Prion
Prionadded 2019/02/21 7:29 p.m.14 views

Cross site scripting

A vulnerability in the web-based management interface of Cisco HyperFlex software could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface of an affected system. The vulnerability is due to insufficient...

4.3CVSS5.9AI score0.0012EPSS
Exploits0References2Affected Software1
Prion
Prionadded 2019/02/21 7:29 p.m.9 views

Authentication flaw

A vulnerability in the hxterm service of Cisco HyperFlex Software could allow an unauthenticated, local attacker to gain root access to all nodes in the cluster. The vulnerability is due to insufficient authentication controls. An attacker could exploit this vulnerability by connecting to the...

7.2CVSS7.7AI score0.00398EPSS
Exploits0References2Affected Software1
OSV
OSVadded 2019/02/21 7:29 p.m.1 views

CVE-2019-1667

A vulnerability in the Graphite interface of Cisco HyperFlex software could allow an authenticated, local attacker to write arbitrary data to the Graphite interface. The vulnerability is due to insufficient authorization controls. An attacker could exploit this vulnerability by connecting to the...

3.3CVSS5.9AI score
Exploits0References2
NVD
NVDadded 2019/02/21 7:29 p.m.11 views

CVE-2019-1664

A vulnerability in the hxterm service of Cisco HyperFlex Software could allow an unauthenticated, local attacker to gain root access to all nodes in the cluster. The vulnerability is due to insufficient authentication controls. An attacker could exploit this vulnerability by connecting to the...

8.1CVSS7.9AI score0.00398EPSS
Exploits0References2
NVD
NVDadded 2019/02/21 7:29 p.m.11 views

CVE-2019-1665

A vulnerability in the web-based management interface of Cisco HyperFlex software could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface of an affected system. The vulnerability is due to insufficient...

6.1CVSS5.2AI score0.0012EPSS
Exploits0References2
OSV
OSVadded 2019/02/21 7:29 p.m.0 views

CVE-2019-1665

A vulnerability in the web-based management interface of Cisco HyperFlex software could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface of an affected system. The vulnerability is due to insufficient...

6.1CVSS6.4AI score
Exploits0References2
Cvelist
Cvelistadded 2019/02/21 7:0 p.m.13 views

CVE-2019-1665 Cisco Hyperflex Stored Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco HyperFlex software could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface of an affected system. The vulnerability is due to insufficient...

4.7CVSS6AI score0.0012EPSS
Exploits0References2
CVE
CVEadded 2019/02/21 7:0 p.m.53 views

CVE-2019-1664

Cisco HyperFlex HX-Series is affected by an unauthenticated root-access vulnerability in the hxterm service. An unauthenticated, local attacker could connect to hxterm as a non-privileged user and gain root access to all member nodes in the cluster. Affected releases are prior to 3.5(2a). Cisco p...

8.1CVSS7.9AI score0.00398EPSS
Exploits0References2Affected Software1
CVE
CVEadded 2019/02/21 7:0 p.m.49 views

CVE-2019-1665

Cisco HyperFlex web-based management interface suffers a stored XSS vulnerability (CVE-2019-1665) due to insufficient validation of user input. Affected versions: prior to 3.5(1a). An unauthenticated, remote attacker can lure a user into clicking a malicious link, enabling execution of arbitrary ...

6.1CVSS5.2AI score0.0012EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichmentadded 2019/02/21 7:0 p.m.8 views

CVE-2019-1665 Cisco Hyperflex Stored Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco HyperFlex software could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface of an affected system. The vulnerability is due to insufficient...

4.7CVSS6AI score0.0012EPSS
Exploits0References2
Vulnrichment
Vulnrichmentadded 2019/02/21 7:0 p.m.6 views

CVE-2019-1664 Cisco HyperFlex Software Unauthenticated Root Access Vulnerability

A vulnerability in the hxterm service of Cisco HyperFlex Software could allow an unauthenticated, local attacker to gain root access to all nodes in the cluster. The vulnerability is due to insufficient authentication controls. An attacker could exploit this vulnerability by connecting to the...

8.1CVSS7AI score0.00398EPSS
Exploits0References2
CVE
CVEadded 2019/02/21 7:0 p.m.46 views

CVE-2019-1666

CVE-2019-1666 is a vulnerability in the Graphite service of Cisco HyperFlex software where an unauthenticated, remote attacker could retrieve statistics data due to insufficient authentication controls. Affected versions are prior to 3.5(2a). The impact is data exposure from the Graphite service;...

5.3CVSS5.4AI score0.01589EPSS
Exploits0References2Affected Software1
Cvelist
Cvelistadded 2019/02/21 7:0 p.m.11 views

CVE-2019-1664 Cisco HyperFlex Software Unauthenticated Root Access Vulnerability

A vulnerability in the hxterm service of Cisco HyperFlex Software could allow an unauthenticated, local attacker to gain root access to all nodes in the cluster. The vulnerability is due to insufficient authentication controls. An attacker could exploit this vulnerability by connecting to the...

8.1CVSS7.7AI score0.00398EPSS
Exploits0References2
Rows per page
Query Builder