HomePentest-Tools.com Logo

Cisco HyperFlex HX Data Platform - Remote Command Execution CVE-2021-1497

Severity
CVSSv3 Score
9.8
Vulnerability description

Cisco HyperFlex HX contains multiple vulnerabilities in the web-based management interface that could allow an unauthenticated, remote attacker to perform command injection attacks against an affected device.

Risk description

The risk exists that a remote unauthenticated attacker can fully compromise the server to steal confidential information, install ransomware, or pivot to the internal network.

Recommendation

Apply the necessary security patches or updates provided by Cisco to mitigate this vulnerability.

Codename
Not available
Detectable with
Network Scanner
Scan engine
Nuclei
Exploitable with Sniper
No
CVE Published
May 6, 2021
Detection added at
Software Type
Not available
Vendor
Not available
Product
Not available