Cisco Cisco Hyperflex Hx-series
13 CVEs affecting Cisco Cisco Hyperflex Hx-series. Latest disclosed: 2019-09-18. Critical: 0, High: 2.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2018-15380 | High | 8.8 | 2019-02-20 | A vulnerability in the cluster service manager of Cisco HyperFlex Software could allow an unauthenticated, adjacent attacker to execute commands as the root us… |
CVE-2019-1664 | High | 8.1 | 2019-02-21 | A vulnerability in the hxterm service of Cisco HyperFlex Software could allow an unauthenticated, local attacker to gain root access to all nodes in the cluste… |
CVE-2019-12621 | Medium | 6.8 | 2019-08-21 | A vulnerability in Cisco HyperFlex Software could allow an unauthenticated, remote attacker to perform a man-in-the-middle attack. The vulnerability is due to… |
CVE-2019-1975 | Medium | 6.5 | 2019-09-18 | A vulnerability in the web-based interface of Cisco HyperFlex Software could allow an unauthenticated, remote attacker to execute a cross-frame scripting (XFS)… |
CVE-2019-1857 | Medium | 6.1 | 2019-05-03 | A vulnerability in the web-based management interface of Cisco HyperFlex HX-Series could allow an unauthenticated, remote attacker to conduct a cross-site requ… |
CVE-2019-1958 | Medium | 5.4 | 2019-08-08 | A vulnerability in the web-based management interface of Cisco HyperFlex Software could allow an unauthenticated, remote attacker to conduct a cross-site reque… |
CVE-2019-12620 | Medium | 5.3 | 2019-09-18 | A vulnerability in the statistics collection service of Cisco HyperFlex Software could allow an unauthenticated, remote attacker to inject arbitrary values on… |
CVE-2019-1666 | Medium | 5.3 | 2019-02-21 | A vulnerability in the Graphite service of Cisco HyperFlex software could allow an unauthenticated, remote attacker to retrieve data from the Graphite service… |
CVE-2019-1665 | Medium | 4.7 | 2019-02-21 | A vulnerability in the web-based management interface of Cisco HyperFlex software could allow an unauthenticated, remote attacker to conduct a cross-site scrip… |
CVE-2019-1667 | Medium | 4.0 | 2019-02-21 | A vulnerability in the Graphite interface of Cisco HyperFlex software could allow an authenticated, local attacker to write arbitrary data to the Graphite inte… |
CVE-2018-15423 | | 2018-10-05 | A vulnerability in the web UI of Cisco HyperFlex Software could allow an unauthenticated, remote attacker to affect the integrity of a device via a clickjackin… | |
CVE-2018-15407 | | 2018-10-05 | A vulnerability in the installation process of Cisco HyperFlex Software could allow an authenticated, local attacker to read sensitive information. The vulnera… | |
CVE-2018-15382 | | 2018-10-05 | A vulnerability in Cisco HyperFlex Software could allow an unauthenticated, remote attacker to generate valid, signed session tokens. The vulnerability is due… |