Cisco HyperFlex Software Unauthenticated Root Access (cisco-sa-20190220-chn-root-access)

According to its self-reported version, Cisco HyperFlex HX-Series is affected by a vulnerability in the hxterm service due to insufficient authentication controls. An unauthenticated, local attacker can exploit this, by connecting to the hxterm service as a non-privileged, local user, in order to...

Authentication flaw

A vulnerability in the Graphite service of Cisco HyperFlex software could allow an unauthenticated, remote attacker to retrieve data from the Graphite service. The vulnerability is due to insufficient authentication controls. An attacker could exploit this vulnerability by sending crafted request...