Lucene search
K
CiscoHyperflex Hx Data Platform*

4 matches found

CVE
CVE
added 2021/05/06 12:41 p.m.1137 views

CVE-2021-1497

Cisco HyperFlex HX Data Platform (Cisco HyperFlex HX) contains CVE-2021-1497: multiple vulnerabilities in the web-based management interface that allow an unauthenticated remote attacker to perform command injection against the device. Affected product/version per public advisories: Cisco HyperFl...

10CVSS9.9AI score0.99928EPSS
In wild
CVE
CVE
added 2021/05/06 12:41 p.m.1096 views

CVE-2021-1498

Cisco HyperFlex HX Data Platform contains unauthenticated command injection vulnerabilities in its web-based management interface that could allow a remote attacker to execute arbitrary commands on the affected device. Evidence from multiple sources identifies CVE-2021-1498 as a remote command ex...

9.8CVSS9.9AI score0.99999EPSS
In wild
CVE
CVE
added 2021/05/06 12:41 p.m.114 views

CVE-2021-1499

Cisco HyperFlex HX Data Platform is affected by an unauthenticated arbitrary file upload vulnerability in the web-based management interface. The issue arises from missing authentication on the /upload endpoint, allowing an attacker to upload files with the permissions of the Tomcat user (tomcat8...

5.3CVSS5.3AI score0.80426EPSS
CVE
CVE
added 2019/08/08 7:30 a.m.59 views

CVE-2019-1958

The CVE-2019-1958 entry concerns Cisco HyperFlex Software. The vulnerability affects the web-based management interface and is caused by insufficient CSRF protections, enabling an unauthenticated, remote attacker to induce CSRF via social engineering (tricking a user to follow a malicious link). ...

8.8CVSS6.7AI score0.006EPSS