HIGH✓ PATCH🇬🇧 English

CVE-2019-12621

CVSS 7.4v3.1pub. 2019-08-21upd. 2024-11-21

A vulnerability in Cisco HyperFlex Software could allow an unauthenticated, remote attacker to perform a man-in-the-middle attack. The vulnerability is due to insufficient key management. An attacker could exploit this vulnerability by obtaining a specific encryption key for the cluster. A successful exploit could allow the attacker to perform a man-in-the-middle attack against other nodes in the cluster.

oryginał EN
CVSS Vector
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
  • Cisco Hyperflex Hx220c Af M5

    HW
    Cisco
    wszystkie wersje
  • Cisco Hyperflex Hx220c Af M5 Firmware

    OS
    Cisco
    3.0\(1a\)3.5\(2a\)
  • Cisco Hyperflex Hx220c Edge M5

    HW
    Cisco
    wszystkie wersje
  • Cisco Hyperflex Hx220c Edge M5 Firmware

    OS
    Cisco
    3.0\(1a\)3.5\(2a\)
  • Cisco Hyperflex Hx220c M5

    HW
    Cisco
    wszystkie wersje
  • Cisco Hyperflex Hx220c M5 Firmware

    OS
    Cisco
    3.0\(1a\)3.5\(2a\)
  • Cisco Hyperflex Hx240c Af M5

    HW
    Cisco
    wszystkie wersje
  • Cisco Hyperflex Hx240c Af M5 Firmware

    OS
    Cisco
    3.0\(1a\)3.5\(2a\)
  • Cisco Hyperflex Hx240c M5

    HW
    Cisco
    wszystkie wersje
  • Cisco Hyperflex Hx240c M5 Firmware

    OS
    Cisco
    3.0\(1a\)3.5\(2a\)
🟢
PATCH DOSTĘPNY
Aktualizacja od producenta gotowa. Wdrożenie w ramach standardowego cyklu.
CWE
Referencje

Powiązane podatności

CVE-2021-1497CRITICAL9.8⚠ KEVten sam produkt

Multiple vulnerabilities in the web-based management interface of Cisco HyperFlex HX could allow an unauthenti...

CVE-2021-1498CRITICAL9.8⚠ KEVten sam produkt

Multiple vulnerabilities in the web-based management interface of Cisco HyperFlex HX could allow an unauthenti...

CVE-2021-1499MEDIUM5.3ten sam produkt

A vulnerability in the web-based management interface of Cisco HyperFlex HX Data Platform could allow an unaut...

CVE-2019-12620MEDIUM5.3ten sam produkt

A vulnerability in the statistics collection service of Cisco HyperFlex Software could allow an unauthenticate...

CVE-2019-1975MEDIUM6.1ten sam produkt

A vulnerability in the web-based interface of Cisco HyperFlex Software could allow an unauthenticated, remote ...

CVE-2019-12621 — HIGH 7.4 | CVEbaza.pl