What is CVE-2019-1667?

CVE-2019-1667 is a medium-severity vulnerability in Cisco Hyperflex Hx-series, classified under Insufficient Verification of Data Authenticity. CVSS score: 4.0/10. Published 2019-02-21.

How severe is CVE-2019-1667?

Medium severity. CVSS v3 base score is 4.0 out of 10.

Vulnerability in Cisco Hyperflex Hx-series

CVE-2019-1667

A vulnerability in the Graphite interface of Cisco HyperFlex software could allow an authenticated, local attacker to write arbitrary data to the Graphite interface. The vulnerability is due to insufficient authorization controls. An attac…

EPSS: 0.000 (8.6th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 4.0 (Medium). Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N.

Affected products

Cisco Hyperflex Hx-series — versions unspecified

Weakness classification (CWE)

CWE-345 — Insufficient Verification of Data Authenticity

References

20190220 Cisco HyperFlex Arbitrary Statistics Write Vulnerability (vendor-advisory, x_refsource_CISCO)
107100 (vdb-entry, x_refsource_BID)

Frequently asked questions

What is CVE-2019-1667?: CVE-2019-1667 is a medium-severity vulnerability in Cisco Hyperflex Hx-series, classified under Insufficient Verification of Data Authenticity. CVSS score: 4.0/10. Published 2019-02-21.
How severe is CVE-2019-1667?: Medium severity. CVSS v3 base score is 4.0 out of 10.