A vulnerability in the web-based management interface of Cisco HyperFlex HX Data Platform could allow an unauthenticated, remote attacker to upload files to an affected device. This vulnerability is due to missing authentication for the upload function. An attacker could exploit this vulnerability by sending a specific HTTP request to an affected device. A successful exploit could allow the attacker to upload files to the affected device with the permissions of the tomcat8 user.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:NCisco Hyperflex Hx220c Af M5
HWCiscowszystkie wersjeCisco Hyperflex Hx220c All Nvme M5
HWCiscowszystkie wersjeCisco Hyperflex Hx220c Edge M5
HWCiscowszystkie wersjeCisco Hyperflex Hx220c M5
HWCiscowszystkie wersjeCisco Hyperflex Hx240c
HWCiscowszystkie wersjeCisco Hyperflex Hx240c Af M5
HWCiscowszystkie wersjeCisco Hyperflex Hx240c M5
HWCiscowszystkie wersjeCisco Hyperflex Hx Data Platform
OSCisco4.5 – 4.5\(2a\) (bez)< 4.0\(2e\)
Related vulnerabilities
Multiple vulnerabilities in the web-based management interface of Cisco HyperFlex HX could allow an unauthenti...
Multiple vulnerabilities in the web-based management interface of Cisco HyperFlex HX could allow an unauthenti...
A vulnerability in Cisco HyperFlex Software could allow an unauthenticated, remote attacker to perform a man-i...
A vulnerability in the web-based management interface of Cisco HyperFlex Software could allow an unauthenticat...
A vulnerability in the hxterm service of Cisco HyperFlex Software could allow an unauthenticated, local attack...