Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cisco hyperflex hx data platform vulnerabilities and exploits
(subscribe to this query)
8.3
CVSSv2
CVE-2018-15380
A vulnerability in the cluster service manager of Cisco HyperFlex Software could allow an unauthenticated, adjacent malicious user to execute commands as the root user. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by conn...
Cisco Hyperflex Hx Data Platform 3.5\\(1a\\)
Cisco Hyperflex Hx Data Platform 3.0\\(1a\\)
7.5
CVSSv2
CVE-2018-15382
A vulnerability in Cisco HyperFlex Software could allow an unauthenticated, remote malicious user to generate valid, signed session tokens. The vulnerability is due to a static signing key that is present in all Cisco HyperFlex systems. An attacker could exploit this vulnerabilit...
Cisco Hyperflex Hx Data Platform 3.0\\(1a\\)
7.2
CVSSv2
CVE-2019-1664
A vulnerability in the hxterm service of Cisco HyperFlex Software could allow an unauthenticated, local malicious user to gain root access to all nodes in the cluster. The vulnerability is due to insufficient authentication controls. An attacker could exploit this vulnerability b...
Cisco Hyperflex Hx Data Platform 2.6\\(1e\\)
Cisco Hyperflex Hx Data Platform 3.0\\(1a\\)
Cisco Hyperflex Hx Data Platform 3.0\\(1b\\)
Cisco Hyperflex Hx Data Platform 3.0\\(1c\\)
Cisco Hyperflex Hx Data Platform 2.6\\(1a\\)
Cisco Hyperflex Hx Data Platform 2.6\\(1d\\)
Cisco Hyperflex Hx Data Platform 3.0\\(1d\\)
Cisco Hyperflex Hx Data Platform 3.0\\(1h\\)
Cisco Hyperflex Hx Data Platform 3.5\\(1a\\)
Cisco Hyperflex Hx Data Platform 2.6\\(1b\\)
Cisco Hyperflex Hx Data Platform 3.0\\(1e\\)
Cisco Hyperflex Hx Data Platform 3.0\\(1i\\)
6.8
CVSSv2
CVE-2019-1958
A vulnerability in the web-based management interface of Cisco HyperFlex Software could allow an unauthenticated, remote malicious user to conduct a cross-site request forgery (CSRF) attack on an affected system. The vulnerability is due to insufficient CSRF protections for the w...
Cisco Hyperflex Hx Data Platform
5.4
CVSSv2
CVE-2018-3615
Systems with microprocessors utilizing speculative execution and Intel software guard extensions (Intel SGX) may allow unauthorized disclosure of information residing in the L1 data cache from an enclave to an attacker with local user access via a side-channel analysis.
Intel Core I3 6006u
Intel Core I3 6098p
Intel Core I3 6102e
Intel Core I3 6157u
Intel Core I5 661
Intel Core I5 670
Intel Core I5 6300u
Intel Core I5 6350hq
Intel Core I5 6442eq
Intel Core I5 6500
Intel Core I5 6500t
Intel Core I7 610e
Intel Core I7 620le
Intel Core I7 640um
Intel Core I7 660lm
Intel Core I3 6100h
Intel Core I3 6100t
Intel Core I3 6320
Intel Core I5 650
Intel Core I3 6100te
Intel Core I3 6100u
Intel Core I5 655k
2 Articles
5
CVSSv2
CVE-2021-1499
A vulnerability in the web-based management interface of Cisco HyperFlex HX Data Platform could allow an unauthenticated, remote malicious user to upload files to an affected device. This vulnerability is due to missing authentication for the upload function. An attacker could ex...
Cisco Hyperflex Hx Data Platform
5
CVSSv2
CVE-2019-1666
A vulnerability in the Graphite service of Cisco HyperFlex software could allow an unauthenticated, remote malicious user to retrieve data from the Graphite service. The vulnerability is due to insufficient authentication controls. An attacker could exploit this vulnerability by ...
Cisco Hyperflex Hx Data Platform 3.5\\(1a\\)
Cisco Hyperflex Hx Data Platform 2.6\\(1a\\)
Cisco Hyperflex Hx Data Platform 2.6\\(1d\\)
Cisco Hyperflex Hx Data Platform 3.0\\(1d\\)
Cisco Hyperflex Hx Data Platform 3.0\\(1h\\)
Cisco Hyperflex Hx Data Platform 2.6\\(1e\\)
Cisco Hyperflex Hx Data Platform 3.0\\(1a\\)
Cisco Hyperflex Hx Data Platform 3.0\\(1b\\)
Cisco Hyperflex Hx Data Platform 3.0\\(1c\\)
Cisco Hyperflex Hx Data Platform 2.6\\(1b\\)
Cisco Hyperflex Hx Data Platform 3.0\\(1e\\)
Cisco Hyperflex Hx Data Platform 3.0\\(1i\\)
1 Github repository
5
CVSSv2
CVE-2018-15429
A vulnerability in the web-based UI of Cisco HyperFlex HX Data Platform Software could allow an unauthenticated, remote malicious user to access sensitive information on an affected system. The vulnerability is due to a lack of proper input and authorization of HTTP requests. An ...
Cisco Hyperflex Hx Data Platform 3.0\\(1a\\)
Cisco Hyperflex Hx Data Platform 2.6\\(1d\\)
4.7
CVSSv2
CVE-2018-3640
Systems with microprocessors utilizing speculative execution and that perform speculative reads of system registers may allow unauthorized disclosure of system parameters to an attacker with local user access via a side-channel analysis, aka Rogue System Register Read (RSRE), Var...
Intel Pentium J J4205
Intel Celeron N N3450
Intel Atom Z Z2560
Intel Atom Z Z2580
Intel Atom Z Z3590
Intel Atom Z Z3735d
Intel Atom Z Z3740d
Intel Atom Z Z3745
Intel Atom Z Z3795
Intel Atom Z Z2420
Intel Atom C C3338
Intel Atom C C3508
Intel Atom C C3830
Intel Atom C C3850
Intel Xeon Silver 4110
Intel Xeon Silver 4112
Intel Xeon Platinum 8160
Intel Xeon Platinum 8160f
Intel Xeon Platinum 8176
Intel Xeon Platinum 8176f
Intel Xeon Gold 85120
Intel Pentium Silver J5005
3 Github repositories
4 Articles
4.7
CVSSv2
CVE-2017-5753
Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.
Intel Atom C C2308
Intel Atom C C2316
Intel Atom C C2338
Intel Atom C C2350
Intel Atom C C2358
Intel Atom C C2508
Intel Atom C C2516
Intel Atom C C2518
Intel Atom C C2530
Intel Atom C C2538
Intel Atom C C2550
Intel Atom C C2558
Intel Atom C C2718
Intel Atom C C2730
Intel Atom C C2738
Intel Atom C C2750
Intel Atom C C2758
Intel Atom C C3308
Intel Atom C C3338
Intel Atom C C3508
Intel Atom C C3538
Intel Atom C C3558
1 EDB exploit
42 Github repositories
9 Articles
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-36954
CVE-2024-36933
CVE-2024-24919
CVE-2024-36923
CVE-2024-2961
CVE-2024-36925
bypass
encryption
command injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »