Vulnerability in Cisco Hyperflex Hx-series

CVE-2018-15423

A vulnerability in the web UI of Cisco HyperFlex Software could allow an unauthenticated, remote attacker to affect the integrity of a device via a clickjacking attack. The vulnerability is due to insufficient input validation of iFrame da…

EPSS: 0.001 (28.1th percentile) — read the EPSS interpretation.

Affected products

Cisco Hyperflex Hx-series — versions n/a

Weakness classification (CWE)

CWE-693 — Protection Mechanism Failure

References

20181003 Cisco HyperFlex UI Clickjacking Vulnerability (x_refsource_CISCO, vendor-advisory)