A vulnerability in the web-based interface of Cisco HyperFlex Software could allow an unauthenticated, remote attacker to execute a cross-frame scripting (XFS) attack on an affected device. This vulnerability is due to insufficient HTML iframe protection. An attacker could exploit this vulnerability by directing a user to an attacker-controlled web page that contains a malicious HTML iframe. A successful exploit could allow the attacker to conduct clickjacking or other clientside browser attacks.
oryginał ENCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:NCisco Hyperflex Hx220c Af M5
HWCiscowszystkie wersjeCisco Hyperflex Hx220c Af M5 Firmware
OSCisco4.0\(1a\)≤ 3.5.2fCisco Hyperflex Hx220c Edge M5
HWCiscowszystkie wersjeCisco Hyperflex Hx220c Edge M5 Firmware
OSCisco4.0\(1a\)≤ 3.5.2fCisco Hyperflex Hx220c M5
HWCiscowszystkie wersjeCisco Hyperflex Hx220c M5 Firmware
OSCisco4.0\(1a\)≤ 3.5.2fCisco Hyperflex Hx240c Af M5
HWCiscowszystkie wersjeCisco Hyperflex Hx240c Af M5 Firmware
OSCisco4.0\(1a\)≤ 3.5.2fCisco Hyperflex Hx240c M5
HWCiscowszystkie wersjeCisco Hyperflex Hx240c M5 Firmware
OSCisco4.0\(1a\)≤ 3.5.2f
Powiązane podatności
Multiple vulnerabilities in the web-based management interface of Cisco HyperFlex HX could allow an unauthenti...
Multiple vulnerabilities in the web-based management interface of Cisco HyperFlex HX could allow an unauthenti...
A vulnerability in Cisco HyperFlex Software could allow an unauthenticated, remote attacker to perform a man-i...
A vulnerability in the web-based management interface of Cisco HyperFlex HX Data Platform could allow an unaut...
A vulnerability in the statistics collection service of Cisco HyperFlex Software could allow an unauthenticate...