Security News > 2019 > February > Cisco fixes risky flaws in HyperFlex and Prime infrastructure
2019-02-21 13:52
Cisco has released another batch of fixes for many of its products, including HyperFlex, Prime infrastructure, WebEx, and Firepower devices. Fixed HyperFlex bugs Five of the patched vulnerabilities affect Cisco HyperFlex Software, software running on Cisco HyperFlex HX-Series data center nodes. Two of them are high risk security holes: CVE-2018-15380 could allow an unauthenticated, adjacent attacker to run commands on the affected host as the root user CVE-2019-1664 could allow an unauthenticated, local attacker to … More → The post Cisco fixes risky flaws in HyperFlex and Prime infrastructure appeared first on Help Net Security.
News URL
http://feedproxy.google.com/~r/HelpNetSecurity/~3/EMZyDqVCHWc/
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-02-21 | CVE-2019-1664 | Improper Access Control vulnerability in Cisco Hyperflex HX Data Platform A vulnerability in the hxterm service of Cisco HyperFlex Software could allow an unauthenticated, local attacker to gain root access to all nodes in the cluster. | 7.2 |
| 2019-02-20 | CVE-2018-15380 | OS Command Injection vulnerability in Cisco Hyperflex HX Data Platform 3.0(1A)/3.5(1A) A vulnerability in the cluster service manager of Cisco HyperFlex Software could allow an unauthenticated, adjacent attacker to execute commands as the root user. | 8.3 |