Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ciscoCiscoCISCO-SA-20190220-HYPER-RETRIEVE
HistoryFeb 20, 2019 - 4:00 p.m.

Cisco HyperFlex Unauthenticated Statistics Retrieval Vulnerability

2019-02-2016:00:00
tools.cisco.com
61

EPSS

0.001

Percentile

42.5%

JSON

A vulnerability in the Graphite service of Cisco HyperFlex software could allow an unauthenticated, remote attacker to retrieve data from the Graphite service.

The vulnerability is due to insufficient authentication controls. An attacker could exploit this vulnerability by sending crafted requests to the Graphite service. A successful exploit could allow the attacker to retrieve any statistics from the Graphite service.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190220-hyper-retrieve [“https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190220-hyper-retrieve”]

Affected configurations

Vulners
Node
ciscohyperflex_hx-series_softwareMatchany
OR
ciscohyperflex_hx-series_softwareMatchany
VendorProductVersionCPE
ciscohyperflex_hx-series_softwareanycpe:2.3:a:cisco:hyperflex_hx-series_software:any:*:*:*:*:*:*:*

Related

cvelist 1
cve 1
prion 1
nvd 1
cvelist
cvelist
CVE-2019-1666 Cisco HyperFlex Unauthenticated Statistics Retrieval Vulnerability
2019-02-21 19:00:00
cve
cve
CVE-2019-1666
2019-02-21 19:29:00
prion
prion
Authentication flaw
2019-02-21 19:29:00
nvd
nvd
CVE-2019-1666
2019-02-21 19:29:00

EPSS

0.001

Percentile

42.5%

JSON
Related for CISCO-SA-20190220-HYPER-RETRIEVE
cvelist1cve1prion1nvd1