Lucene search
CiscoCISCO-SA-HYPERFLEX-RCE-TJJNRKPRHistoryMay 05, 2021 - 4:00 p.m.
Cisco HyperFlex HX Command Injection Vulnerabilities
2021-05-0516:00:00
tools.cisco.com
253
cisco
hyperflex
command injection
vulnerabilities
software updates
remote attacker
management interface
device security
EPSS
0.975
Percentile
100.0%
Multiple vulnerabilities in the web-based management interface of Cisco HyperFlex HX could allow an unauthenticated, remote attacker to perform command injection attacks against an affected device.
For more information about these vulnerabilities, see the Details [“#details”] section of this advisory.
Cisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities.
This advisory is available at the following link:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-hyperflex-rce-TjjNrkpR [“https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-hyperflex-rce-TjjNrkpR”]
Affected configurations
Node
ciscohyperflex_hx_data_platformMatchany
ORciscohyperflex_hx_data_platformMatchany
| Vendor | Product | Version | CPE |
|---|---|---|---|
| cisco | hyperflex_hx_data_platform | any | cpe:2.3:o:cisco:hyperflex_hx_data_platform:any:*:*:*:*:*:*:* |
Related
nuclei
nuclei
Cisco HyperFlex HX Data Platform - Remote Command Execution
2021-09-29 17:05:43
Cisco HyperFlex HX Data Platform - Remote Command Execution
2021-07-06 00:30:13
metasploit
metasploit
Cisco HyperFlex HX Data Platform Command Execution
2021-06-03 05:43:56
seebug
seebug
Cisco HyperFlex HX 未授权命令注入漏洞(CVE-2021-1497 CVE-2021-1498)
2021-05-20 00:00:00
nessus
nessus
packetstorm
packetstorm
Cisco HyperFlex HX Data Platform Command Execution
2021-06-04 00:00:00
rapid7blog
rapid7blog
Metasploit Wrap-Up
2021-06-11 19:51:35
zdt
zdt
Cisco HyperFlex HX Data Platform Command Execution Exploit
2021-06-04 00:00:00
checkpoint_advisories
checkpoint_advisories
Cisco HyperFlex HX Command Injection (CVE-2021-1498; CVE-2021-1497)
2021-06-20 00:00:00
Cisco HyperFlex HX Command Injection (CVE-2021-1497)
2022-06-16 00:00:00
attackerkb
attackerkb
CVE-2021-1497
2021-05-05 00:00:00
CVE-2021-1498
2021-05-05 00:00:00
cisa_kev
cisa_kev
Cisco HyperFlex HX Data Platform Command Injection Vulnerability
2021-11-03 00:00:00
Cisco HyperFlex HX Installer Virtual Machine Command Injection Vulnerability
2021-11-03 00:00:00
cve
cve
CVE-2021-1498
2021-05-06 13:15:10
CVE-2021-1497
2021-05-06 13:15:10
prion
prion
Command injection
2021-05-06 13:15:00
Command injection
2021-05-06 13:15:00
cvelist
cvelist
CVE-2021-1497 Cisco HyperFlex HX Command Injection Vulnerabilities
2021-05-06 12:41:27
CVE-2021-1498 Cisco HyperFlex HX Command Injection Vulnerabilities
2021-05-06 12:41:31
nvd
nvd
CVE-2021-1498
2021-05-06 13:15:10
CVE-2021-1497
2021-05-06 13:15:10
threatpost
threatpost
Critical Cisco SD-WAN, HyperFlex Bugs Menace Networks
2021-05-06 17:54:33
Auth Bypass Bug Exploited, Millions of Routers Affected
2021-08-09 19:41:30
thn
thn
Critical Flaws Hit Cisco SD-WAN vManage and HyperFlex Software
2021-05-06 12:30:00
avleonov
avleonov
qualysblog
qualysblog
malwarebytes
malwarebytes
Chinese APT's favorite vulnerabilities revealed
2022-10-13 16:15:00
githubexploit
githubexploit
Exploit for Path Traversal in Ivanti Connect Secure
2022-12-13 08:41:44
ics
ics