cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2023-20263,https://securityvulnerability.io/vulnerability/CVE-2023-20263,Web-Based Management Interface Vulnerability in Cisco HyperFlex HX Data Platform,"A security flaw in the web-based management interface of Cisco HyperFlex HX Data Platform allows unauthenticated remote attackers to execute redirection attacks. This vulnerability arises from improper input validation of parameters in HTTP requests, enabling attackers to craft malicious hyperlinks that, when clicked by users, redirect them to harmful web pages. This puts sensitive information at risk and could facilitate further attacks.",Cisco,Cisco HyperFlex HX Data Platform,6.1,MEDIUM,0.0009599999757483602,false,,false,false,false,,,false,false,,2023-09-06T18:15:00.000Z,0
CVE-2021-1497,https://securityvulnerability.io/vulnerability/CVE-2021-1497,Cisco HyperFlex HX Command Injection Vulnerabilities,"Multiple vulnerabilities in the web-based management interface of Cisco HyperFlex HX could allow an unauthenticated, remote attacker to perform command injection attacks against an affected device. For more information about these vulnerabilities, see the Details section of this advisory.",Cisco,Cisco Hyperflex Hx Data Platform,9.8,CRITICAL,0.9751499891281128,true,2021-11-03T00:00:00.000Z,false,false,true,2021-11-03T00:00:00.000Z,true,false,false,,2021-05-06T13:15:00.000Z,0
CVE-2021-1498,https://securityvulnerability.io/vulnerability/CVE-2021-1498,Cisco HyperFlex HX Command Injection Vulnerabilities,"Multiple vulnerabilities in the web-based management interface of Cisco HyperFlex HX could allow an unauthenticated, remote attacker to perform command injection attacks against an affected device. For more information about these vulnerabilities, see the Details section of this advisory.",Cisco,Cisco Hyperflex Hx Data Platform,9.8,CRITICAL,0.9751499891281128,true,2021-11-03T00:00:00.000Z,false,false,true,2021-11-03T00:00:00.000Z,,false,false,,2021-05-06T13:15:00.000Z,0
CVE-2021-1499,https://securityvulnerability.io/vulnerability/CVE-2021-1499,Cisco HyperFlex HX Data Platform File Upload Vulnerability,"A vulnerability in the web-based management interface of Cisco HyperFlex HX Data Platform could allow an unauthenticated, remote attacker to upload files to an affected device. This vulnerability is due to missing authentication for the upload function. An attacker could exploit this vulnerability by sending a specific HTTP request to an affected device. A successful exploit could allow the attacker to upload files to the affected device with the permissions of the tomcat8 user.",Cisco,Cisco Hyperflex Hx Data Platform,5.3,MEDIUM,0.9512400031089783,false,,false,false,true,2024-08-03T17:15:58.000Z,,false,false,,2021-05-06T13:15:00.000Z,0
CVE-2020-3389,https://securityvulnerability.io/vulnerability/CVE-2020-3389,Cisco Hyperflex HX-Series Software Weak Storage Vulnerability,"A vulnerability in the installation component of Cisco Hyperflex HX-Series Software could allow an authenticated, local attacker to retrieve the password that was configured at installation on an affected device. The vulnerability exists because sensitive information is stored as clear text. An attacker could exploit this vulnerability by authenticating to an affected device and navigating to the directory that contains sensitive information. A successful exploit could allow the attacker to obtain sensitive information in clear text from the affected device.",Cisco,Cisco Hyperflex Hx Data Platform,4.4,MEDIUM,0.0004199999966658652,false,,false,false,true,2024-08-04T08:16:38.000Z,,false,false,,2020-08-26T17:15:00.000Z,0
CVE-2018-15429,https://securityvulnerability.io/vulnerability/CVE-2018-15429,Cisco HyperFlex HX Data Platform Software Unauthorized Directory Access Vulnerability,"A vulnerability in the web-based UI of Cisco HyperFlex HX Data Platform Software could allow an unauthenticated, remote attacker to access sensitive information on an affected system. The vulnerability is due to a lack of proper input and authorization of HTTP requests. An attacker could exploit this vulnerability by sending a malicious HTTP request to the web-based UI of an affected system. A successful exploit could allow the attacker to access files that may contain sensitive data.",Cisco,Cisco Hyperflex Hx Data Platform,5.3,MEDIUM,0.001019999966956675,false,,false,false,false,,,false,false,,2018-10-05T14:29:00.000Z,0