225 matches found
VulnCheck KEV: CVE-2023-20263
A vulnerability in the web-based management interface of Cisco HyperFlex HX Data Platform could allow an unauthenticated, remote attacker to redirect a user to a malicious web page. This vulnerability is due to improper input validation of the parameters in an HTTP request. An attacker could...
Cisco HyperFlex HX Data Platform Input Validation Error Vulnerability
The Cisco HyperFlex HX Data Platform is a high-performance, scalable distributed file system that supports a wide range of virtual machine monitoring programs and provides a range of enterprise-class data management and optimization services. An input validation error vulnerability exists in Cisc...
CVE-2023-20263
A vulnerability in the web-based management interface of Cisco HyperFlex HX Data Platform could allow an unauthenticated, remote attacker to redirect a user to a malicious web page. This vulnerability is due to improper input validation of the parameters in an HTTP request. An attacker could...
CVE-2023-20263
A vulnerability in the web-based management interface of Cisco HyperFlex HX Data Platform could allow an unauthenticated, remote attacker to redirect a user to a malicious web page. This vulnerability is due to improper input validation of the parameters in an HTTP request. An attacker could...
Input validation
A vulnerability in the web-based management interface of Cisco HyperFlex HX Data Platform could allow an unauthenticated, remote attacker to redirect a user to a malicious web page. This vulnerability is due to improper input validation of the parameters in an HTTP request. An attacker could...
CVE-2023-20263
A vulnerability in the web-based management interface of Cisco HyperFlex HX Data Platform could allow an unauthenticated, remote attacker to redirect a user to a malicious web page. This vulnerability is due to improper input validation of the parameters in an HTTP request. An attacker could...
CVE-2023-20263
CVE-2023-20263 affects Cisco HyperFlex HX Data Platform, specifically the web-based management interface. The issue arises from improper input validation of HTTP request parameters, enabling an unauthenticated, remote attacker to persuade a user to click a crafted link and potentially redirect th...
CVE-2023-20263
A vulnerability in the web-based management interface of Cisco HyperFlex HX Data Platform could allow an unauthenticated, remote attacker to redirect a user to a malicious web page. This vulnerability is due to improper input validation of the parameters in an HTTP request. An attacker could...
Cisco HyperFlex HX Data Platform Open Redirect Vulnerability
A vulnerability in the web-based management interface of Cisco HyperFlex HX Data Platform could allow an unauthenticated, remote attacker to redirect a user to a malicious web page. This vulnerability is due to improper input validation of the parameters in an HTTP request. An attacker could...
CVE-2023-20263
A vulnerability in the web-based management interface of Cisco HyperFlex HX Data Platform could allow an unauthenticated, remote attacker to redirect a user to a malicious web page. This vulnerability is due to improper input validation of the parameters in an HTTP request. An attacker could...
PT-2023-4965 · Cisco · Cisco Hyperflex Hx Data Platform
Name of the Vulnerable Software and Affected Versions: Cisco HyperFlex HX Data Platform versions 5.0 through 5.5 Description: The issue is related to improper input validation of parameters in an HTTP request, allowing an unauthenticated, remote attacker to redirect a user to a malicious web page...
Cisco HyperFlex HX Data Platform 输入验证错误漏洞
The Cisco HyperFlex HX Data Platform is a high-performance, scalable distributed file system that supports a wide range of virtual machine monitoring programs and provides a range of enterprise-class data management and optimization services. An input validation error vulnerability exists in Cisc...
Multiple Old Vulnerabilities actively exploiting in Cisco Products
Threat Level Vulnerability Report For a detailed threat advisory, download the pdf file here Summary Several security old vulnerabilities actively exploiting in Cisco IOS, NX-OS, and HyperFlex software, some of which can be exploited for authentication bypassing to gain full control of the impact...
Cisco HyperFlex HX Command Injection (CVE-2021-1497)
A command injection vulnerability exists in Cisco HyperFlex HX. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...
Cisco HyperFlex HX Installer Virtual Machine Command Injection Vulnerability
Cisco HyperFlex HX Installer Virtual Machine contains an insufficient input validation vulnerability which could allow an attacker to execute commands on an affected device as the root user...
Cisco HyperFlex HX Data Platform Command Injection Vulnerability
Cisco HyperFlex HX Installer Virtual Machine contains an insufficient input validation vulnerability which could allow an attacker to execute commands on an affected device as the tomcat8 user...
VulnCheck KEV: CVE-2021-1497
Cisco HyperFlex HX Installer Virtual Machine contains an insufficient input validation vulnerability which could allow an attacker to execute commands on an affected device as the root user...
Metasploit Wrap-Up
Cisco ‘Sploits This week’s Metasploit Framework release brings two modules that target Cisco products.The first module, written by our very own jheysel-r7, targets an unauthenticated file upload vulnerability in Cisco HyperFlex HX Data Platform. Vulnerable versions of the Cisco HyperFlex software...
VulnCheck KEV: CVE-2021-1498
Cisco HyperFlex HX Installer Virtual Machine contains an insufficient input validation vulnerability which could allow an attacker to execute commands on an affected device as the tomcat8 user...
Cisco HyperFlex HX Directory Traversal (CVE-2021-1499)
A directory traversal vulnerability exists in Cisco Hyperflex. The vulnerability is due to improper input sanitization...