Hyperflex Hx Data Platform Security Vulnerabilities and Issues — Hyperflex Hx Data Platform CVE List

Lucene search

CiscoHyperflex Hx Data Platform

4 matches found

CVE•added 2018/10/05 2:29 p.m.•45 views

CVE-2018-15423

A vulnerability in the web UI of Cisco HyperFlex Software could allow an unauthenticated, remote attacker to affect the integrity of a device via a clickjacking attack. The vulnerability is due to insufficient input validation of iFrame data in HTTP requests that are sent to an affected device. An ...

4.7CVSS4.8AI score0.00105EPSS

CVE•added 2018/10/05 2:29 p.m.•40 views

CVE-2018-15382

A vulnerability in Cisco HyperFlex Software could allow an unauthenticated, remote attacker to generate valid, signed session tokens. The vulnerability is due to a static signing key that is present in all Cisco HyperFlex systems. An attacker could exploit this vulnerability by accessing the static...

8.6CVSS8.6AI score0.00676EPSS

CVE•added 2018/10/05 2:29 p.m.•37 views

CVE-2018-15407

A vulnerability in the installation process of Cisco HyperFlex Software could allow an authenticated, local attacker to read sensitive information. The vulnerability is due to insufficient cleanup of installation files. An attacker could exploit this vulnerability by accessing the residual installa...

5.5CVSS5.1AI score0.00061EPSS

CVE•added 2018/10/05 2:29 p.m.•37 views

CVE-2018-15429

A vulnerability in the web-based UI of Cisco HyperFlex HX Data Platform Software could allow an unauthenticated, remote attacker to access sensitive information on an affected system. The vulnerability is due to a lack of proper input and authorization of HTTP requests. An attacker could exploit th...

5.3CVSS5.2AI score0.00385EPSS