Lucene search
This script is Copyright (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.CISCO-SA-HYPERFLEX-RCE-TJJNRKPR.NASLHistoryMay 13, 2021 - 12:00 a.m.
Cisco HyperFlex HX Command Injection Vulnerabilities (cisco-sa-hyperflex-rce-TjjNrkpR)
2021-05-1300:00:00
This script is Copyright (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
91
10 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
0.975 High
EPSS
Percentile
100.0%
The version of Cisco HyperFlex HX installed on the remote host is affected by multiple command injection vulnerabilities. An unauthenticated, remote attacker can exploit these to execute arbitrary commands on an affected system.
Note that Nessus has not tested for this issue but has instead relied only on the application’s self-reported version number.
#%NASL_MIN_LEVEL 70300
##
# (C) Tenable Network Security, Inc.
##
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(149454);
script_version("1.9");
script_set_attribute(attribute:"plugin_modification_date", value:"2023/04/25");
script_cve_id("CVE-2021-1497", "CVE-2021-1498");
script_xref(name:"CISCO-BUG-ID", value:"CSCvx36014");
script_xref(name:"CISCO-BUG-ID", value:"CSCvx36019");
script_xref(name:"CISCO-BUG-ID", value:"CSCvx37435");
script_xref(name:"CISCO-SA", value:"cisco-sa-hyperflex-rce-TjjNrkpR");
script_xref(name:"IAVA", value:"2021-A-0237");
script_xref(name:"CISA-KNOWN-EXPLOITED", value:"2021/11/17");
script_name(english:"Cisco HyperFlex HX Command Injection Vulnerabilities (cisco-sa-hyperflex-rce-TjjNrkpR)");
script_set_attribute(attribute:"synopsis", value:
"The remote device is missing a vendor-supplied security patch");
script_set_attribute(attribute:"description", value:
"The version of Cisco HyperFlex HX installed on the remote host is affected by multiple command injection
vulnerabilities. An unauthenticated, remote attacker can exploit these to execute arbitrary commands on an affected
system.
Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version
number.");
# https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-hyperflex-rce-TjjNrkpR
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?c9228075");
script_set_attribute(attribute:"see_also", value:"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx36014");
script_set_attribute(attribute:"see_also", value:"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx36019");
script_set_attribute(attribute:"see_also", value:"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvx37435");
script_set_attribute(attribute:"solution", value:
"Upgrade to the relevant fixed version referenced in Cisco bug IDs CSCvx36014, CSCvx36019, CSCvx37435");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
script_set_cvss_temporal_vector("CVSS2#E:F/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:F/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2021-1497");
script_set_attribute(attribute:"cvss3_score_source", value:"CVE-2021-1498");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"exploit_framework_core", value:"true");
script_set_attribute(attribute:"metasploit_name", value:'Cisco HyperFlex HX Data Platform Command Execution');
script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");
script_cwe_id(78);
script_set_attribute(attribute:"vuln_publication_date", value:"2021/05/05");
script_set_attribute(attribute:"patch_publication_date", value:"2021/05/05");
script_set_attribute(attribute:"plugin_publication_date", value:"2021/05/13");
script_set_attribute(attribute:"plugin_type", value:"remote");
script_set_attribute(attribute:"cpe", value:"cpe:/a:cisco:hyperflex_hx-series_software");
script_set_attribute(attribute:"stig_severity", value:"I");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"CISCO");
script_copyright(english:"This script is Copyright (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("cisco_hyperflex_web_api_detect.nbin");
script_require_keys("Host/OS/Cisco_HyperFlex_web_API");
script_require_ports("Services/www", 80, 443);
exit(0);
}
include('http.inc');
include('vcf.inc');
var port = get_http_port(default:80);
var app_info = vcf::get_app_info(app:'Cisco HyperFlex', port:port);
vcf::check_granularity(app_info:app_info, sig_segments:3);
var constraints = [
{'fixed_version':'4.0.2e'},
{'min_version':'4.5.0', 'fixed_version':'4.5.2a'}
];
vcf::check_version_and_report(
app_info:app_info,
constraints:constraints,
severity:SECURITY_HOLE
);
| Vendor | Product | Version | CPE |
|---|---|---|---|
| cisco | hyperflex_hx-series_software | cpe:/a:cisco:hyperflex_hx-series_software |
Related
nuclei
nuclei
Cisco HyperFlex HX Data Platform - Remote Command Execution
2021-09-29 17:05:43
Cisco HyperFlex HX Data Platform - Remote Command Execution
2021-07-06 00:30:13
seebug
seebug
Cisco HyperFlex HX 未授权命令注入漏洞(CVE-2021-1497 CVE-2021-1498)
2021-05-20 00:00:00
packetstorm
packetstorm
Cisco HyperFlex HX Data Platform Command Execution
2021-06-04 00:00:00
rapid7blog
rapid7blog
Metasploit Wrap-Up
2021-06-11 19:51:35
checkpoint_advisories
checkpoint_advisories
Cisco HyperFlex HX Command Injection (CVE-2021-1498; CVE-2021-1497)
2021-06-20 00:00:00
Cisco HyperFlex HX Command Injection (CVE-2021-1497)
2022-06-16 00:00:00
zdt
zdt
Cisco HyperFlex HX Data Platform Command Execution Exploit
2021-06-04 00:00:00
cisco
cisco
Cisco HyperFlex HX Command Injection Vulnerabilities
2021-05-05 16:00:00
attackerkb
attackerkb
CVE-2021-1497
2021-05-05 00:00:00
CVE-2021-1498
2021-05-05 00:00:00
cisa_kev
cisa_kev
Cisco HyperFlex HX Data Platform Command Injection Vulnerability
2021-11-03 00:00:00
Cisco HyperFlex HX Installer Virtual Machine Command Injection Vulnerability
2021-11-03 00:00:00
cve
cve
CVE-2021-1498
2021-05-06 13:15:10
CVE-2021-1497
2021-05-06 13:15:10
prion
prion
Command injection
2021-05-06 13:15:00
Command injection
2021-05-06 13:15:00
cvelist
cvelist
CVE-2021-1497 Cisco HyperFlex HX Command Injection Vulnerabilities
2021-05-05 00:00:00
CVE-2021-1498 Cisco HyperFlex HX Command Injection Vulnerabilities
2021-05-05 00:00:00
nvd
nvd
CVE-2021-1498
2021-05-06 13:15:10
CVE-2021-1497
2021-05-06 13:15:10
threatpost
threatpost
Critical Cisco SD-WAN, HyperFlex Bugs Menace Networks
2021-05-06 17:54:33
Auth Bypass Bug Exploited, Millions of Routers Affected
2021-08-09 19:41:30
thn
thn
Critical Flaws Hit Cisco SD-WAN vManage and HyperFlex Software
2021-05-06 12:30:00
avleonov
avleonov
qualysblog
qualysblog
malwarebytes
malwarebytes
Chinese APT's favorite vulnerabilities revealed
2022-10-13 16:15:00
ics
ics
10 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
0.975 High
EPSS
Percentile
100.0%
Related for CISCO-SA-HYPERFLEX-RCE-TJJNRKPR.NASL