CVE-2018-15407 Cisco HyperFlex World-Readable Sensitive Information Vulnerability

A vulnerability in the installation process of Cisco HyperFlex Software could allow an authenticated, local attacker to read sensitive information. The vulnerability is due to insufficient cleanup of installation files. An attacker could exploit this vulnerability by accessing the residual...

CVE-2018-15423

CVE-2018-15423 affects the web UI of Cisco HyperFlex Software. The vulnerability stems from insufficient input validation of iFrame data in HTTP requests, allowing an unauthenticated, remote attacker to affect device integrity via a clickjacking attack. Details from multiple sources (including Ci...

CVE-2018-15429 Cisco HyperFlex HX Data Platform Software Unauthorized Directory Access Vulnerability

A vulnerability in the web-based UI of Cisco HyperFlex HX Data Platform Software could allow an unauthenticated, remote attacker to access sensitive information on an affected system. The vulnerability is due to a lack of proper input and authorization of HTTP requests. An attacker could exploit...

CVE-2018-15382 Cisco HyperFlex Software Static Signing Key Vulnerability

A vulnerability in Cisco HyperFlex Software could allow an unauthenticated, remote attacker to generate valid, signed session tokens. The vulnerability is due to a static signing key that is present in all Cisco HyperFlex systems. An attacker could exploit this vulnerability by accessing the stat...

CVE-2018-15382

CVE-2018-15382 (Cisco HyperFlex): A static signing key present in all Cisco HyperFlex systems enables an unauthenticated attacker to generate valid, signed session tokens and access the HyperFlex Web UI on other systems. Connected sources indicate affected software prior to 3.5(1a) and describe t...

Cisco HyperFlex HX Data Platform Software Unauthorized Directory Access Vulnerability

A vulnerability in the web-based UI of Cisco HyperFlex HX Data Platform Software could allow an unauthenticated, remote attacker to access sensitive information on an affected system. The vulnerability is due to a lack of proper input and authorization of HTTP requests. An attacker could exploit...

Cisco HyperFlex World-Readable Sensitive Information Vulnerability

A vulnerability in the installation process of Cisco HyperFlex Software could allow an authenticated, local attacker to read sensitive information. The vulnerability is due to insufficient cleanup of installation files. An attacker could exploit this vulnerability by accessing the residual...

Cisco HyperFlex UI Clickjacking Vulnerability

A vulnerability in the web UI of Cisco HyperFlex Software could allow an unauthenticated, remote attacker to affect the integrity of a device via a clickjacking attack. The vulnerability is due to insufficient input validation of iFrame data in HTTP requests that are sent to an affected device. A...

Cisco HyperFlex Software Static Signing Key Vulnerability

A vulnerability in Cisco HyperFlex Software could allow an unauthenticated, remote attacker to generate valid, signed session tokens. The vulnerability is due to a static signing key that is present in all Cisco HyperFlex systems. An attacker could exploit this vulnerability by accessing the stat...

Release Notes for Veeam Backup & Replication 9.5 Update 3a

More Recent Version Available Please find the latest version of Veeam Backup & Replication here: Veeam Downloads - Latest Version Challenge Release Notes for Veeam Backup Replication 9.5 Update 3a Cause Please confirm that you are running version 9.5.0.580, 9.5.0.711, 9.5.0.802, 9.5.0.823,...

QuickBackup in vCenter plugin fails on Cisco Hyperflex Snapshot due to pending task

QuickBackup for a VM that resides on Cisco HyperFlex using the Veeam Plugin for vCenter always fails. The following output can be found in the task log:timestamp Info CiscoHXX.X.X...

Cisco HyperFlex System system logging information disclosure vulnerability

Cisco HyperFlex System is the United States Cisco Cisco a data platform equipment. system logging is one of the system logger. An information disclosure vulnerability exists in system logging on the Cisco HyperFlex System, which arises from the program's failure to properly mask sensitive...

CVE-2017-12315

A vulnerability in system logging when replication is being configured with the Cisco HyperFlex System could allow an authenticated, local attacker to view sensitive information that should be restricted in the system log files. The attacker would have to be authenticated as an administrative use...

Design/Logic Flaw

A vulnerability in system logging when replication is being configured with the Cisco HyperFlex System could allow an authenticated, local attacker to view sensitive information that should be restricted in the system log files. The attacker would have to be authenticated as an administrative use...

CVE-2017-12315

A vulnerability in system logging when replication is being configured with the Cisco HyperFlex System could allow an authenticated, local attacker to view sensitive information that should be restricted in the system log files. The attacker would have to be authenticated as an administrative use...

CVE-2017-12315

CVE-2017-12315 affects Cisco HyperFlex System: the vulnerability is in the system logging path during replication configuration, where sensitive information is not properly masked in log files. An authenticated, local attacker (administrative user) could view restricted information in the system ...

CVE-2017-12315

A vulnerability in system logging when replication is being configured with the Cisco HyperFlex System could allow an authenticated, local attacker to view sensitive information that should be restricted in the system log files. The attacker would have to be authenticated as an administrative use...

Cisco HyperFlex System Authenticated Information Disclosure Vulnerability

A vulnerability in system logging when replication is being configured with the Cisco HyperFlex System could allow an authenticated, local attacker to view sensitive information that should be restricted in the system log files. The attacker would have to be authenticated as an administrative use...

Usage of a predefined VMware ESXi extension (VIB) for Veeams Backup from Storage Snapshot with Cisco HyperFlex IOvisor processing

Challenge This article describes the usage of a predefined VMware ESXi extension VIB for Veeams Backup from Storage Snapshot with Cisco HyperFlex IOvisor processing. For details on how to perform these firewall changes manually please review KB2299. HyperFlex Version Specific Article Please follo...

Configuring Cisco HyperFlex Platform Controller for DirectNFS Backups with VMware Snapshots

Related User Guide Page This article provides information about settings that must be changed on the HyperFlex data platform controllers to allow the Direct NFS transport mode to function. For more context, please refer to the Backup from Cisco HyperFlex Snapshots Integration Modes user guide pag...