Cisco

Hyperflex Hx Data Platform

10 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.1

CVE-2023-20263

  • EPSS 0.36%
  • Veröffentlicht 06.09.2023 18:15:08
  • Zuletzt bearbeitet 21.11.2024 07:41:01

A vulnerability in the web-based management interface of Cisco HyperFlex HX Data Platform could allow an unauthenticated, remote attacker to redirect a user to a malicious web page. This vulnerability is due to improper input validation of the p...

10

CVE-2021-1497

Warnung Exploit
  • EPSS 94.4%
  • Veröffentlicht 06.05.2021 13:15:10
  • Zuletzt bearbeitet 28.10.2025 13:53:41

Multiple vulnerabilities in the web-based management interface of Cisco HyperFlex HX could allow an unauthenticated, remote attacker to perform command injection attacks against an affected device. For more information about these vulnerabilities, se...

9.8

CVE-2021-1498

Warnung Exploit
  • EPSS 94.01%
  • Veröffentlicht 06.05.2021 13:15:10
  • Zuletzt bearbeitet 28.10.2025 13:58:25

Multiple vulnerabilities in the web-based management interface of Cisco HyperFlex HX could allow an unauthenticated, remote attacker to perform command injection attacks against an affected device. For more information about these vulnerabilities, se...

5.3

CVE-2021-1499

Exploit
  • EPSS 91.97%
  • Veröffentlicht 06.05.2021 13:15:10
  • Zuletzt bearbeitet 21.11.2024 05:44:29

A vulnerability in the web-based management interface of Cisco HyperFlex HX Data Platform could allow an unauthenticated, remote attacker to upload files to an affected device. This vulnerability is due to missing authentication for the upload functi...

8.8

CVE-2019-1958

  • EPSS 0.24%
  • Veröffentlicht 08.08.2019 08:15:12
  • Zuletzt bearbeitet 21.11.2024 04:37:46

A vulnerability in the web-based management interface of Cisco HyperFlex Software could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an affected system. The vulnerability is due to insufficient CS...

7.8

CVE-2019-1664

  • EPSS 0.4%
  • Veröffentlicht 21.02.2019 19:29:00
  • Zuletzt bearbeitet 21.11.2024 04:37:02

A vulnerability in the hxterm service of Cisco HyperFlex Software could allow an unauthenticated, local attacker to gain root access to all nodes in the cluster. The vulnerability is due to insufficient authentication controls. An attacker could expl...

6.1

CVE-2019-1665

  • EPSS 0.12%
  • Veröffentlicht 21.02.2019 19:29:00
  • Zuletzt bearbeitet 21.11.2024 04:37:02

A vulnerability in the web-based management interface of Cisco HyperFlex software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected syste...

5.3

CVE-2019-1666

  • EPSS 1.59%
  • Veröffentlicht 21.02.2019 19:29:00
  • Zuletzt bearbeitet 21.11.2024 04:37:03

A vulnerability in the Graphite service of Cisco HyperFlex software could allow an unauthenticated, remote attacker to retrieve data from the Graphite service. The vulnerability is due to insufficient authentication controls. An attacker could exploi...

3.3

CVE-2019-1667

  • EPSS 0.03%
  • Veröffentlicht 21.02.2019 19:29:00
  • Zuletzt bearbeitet 21.11.2024 04:37:03

A vulnerability in the Graphite interface of Cisco HyperFlex software could allow an authenticated, local attacker to write arbitrary data to the Graphite interface. The vulnerability is due to insufficient authorization controls. An attacker could e...

8.6

CVE-2018-15382

  • EPSS 0.68%
  • Veröffentlicht 05.10.2018 14:29:07
  • Zuletzt bearbeitet 21.11.2024 03:50:40

A vulnerability in Cisco HyperFlex Software could allow an unauthenticated, remote attacker to generate valid, signed session tokens. The vulnerability is due to a static signing key that is present in all Cisco HyperFlex systems. An attacker could e...