VYPR

Hyperflex Hx Data Platform

by Cisco Systems, Inc.

CVEs (7)

  • CVE-2021-1498CriKEVMay 6, 2021
    risk 0.87cvss 9.8epss 1.00

    Multiple vulnerabilities in the web-based management interface of Cisco HyperFlex HX could allow an unauthenticated, remote attacker to perform command injection attacks against an affected device. For more information about these vulnerabilities, see the Details section of this…

  • CVE-2021-1497CriKEVMay 6, 2021
    risk 0.87cvss 9.8epss 1.00

    Multiple vulnerabilities in the web-based management interface of Cisco HyperFlex HX could allow an unauthenticated, remote attacker to perform command injection attacks against an affected device. For more information about these vulnerabilities, see the Details section of this…

  • CVE-2021-1499MedMay 6, 2021
    risk 0.44cvss 5.3epss 0.80

    A vulnerability in the web-based management interface of Cisco HyperFlex HX Data Platform could allow an unauthenticated, remote attacker to upload files to an affected device. This vulnerability is due to missing authentication for the upload function. An attacker could exploit…

  • CVE-2017-12315MedNov 16, 2017
    risk 0.39cvss 6.0epss 0.00

    A vulnerability in system logging when replication is being configured with the Cisco HyperFlex System could allow an authenticated, local attacker to view sensitive information that should be restricted in the system log files. The attacker would have to be authenticated as an…

  • CVE-2018-15429MedOct 5, 2018
    risk 0.35cvss 5.3epss 0.01

    A vulnerability in the web-based UI of Cisco HyperFlex HX Data Platform Software could allow an unauthenticated, remote attacker to access sensitive information on an affected system. The vulnerability is due to a lack of proper input and authorization of HTTP requests. An…

  • CVE-2023-20263MedSep 6, 2023
    risk 0.31cvss 4.7epss 0.00

    A vulnerability in the web-based management interface of Cisco HyperFlex HX Data Platform could allow an unauthenticated, remote attacker to redirect a user to a malicious web page. This vulnerability is due to improper input validation of the parameters in an HTTP request.…

  • CVE-2020-3389MedAug 26, 2020
    risk 0.29cvss 4.4epss 0.00

    A vulnerability in the installation component of Cisco Hyperflex HX-Series Software could allow an authenticated, local attacker to retrieve the password that was configured at installation on an affected device. The vulnerability exists because sensitive information is stored…