Security News > 2019 > February > Cisco fixes risky flaws in HyperFlex and Prime infrastructure

Cisco fixes risky flaws in HyperFlex and Prime infrastructure
2019-02-21 13:52

Cisco has released another batch of fixes for many of its products, including HyperFlex, Prime infrastructure, WebEx, and Firepower devices. Fixed HyperFlex bugs Five of the patched vulnerabilities affect Cisco HyperFlex Software, software running on Cisco HyperFlex HX-Series data center nodes. Two of them are high risk security holes: CVE-2018-15380 could allow an unauthenticated, adjacent attacker to run commands on the affected host as the root user CVE-2019-1664 could allow an unauthenticated, local attacker to … More → The post Cisco fixes risky flaws in HyperFlex and Prime infrastructure appeared first on Help Net Security.


News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/EMZyDqVCHWc/

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2019-02-21 CVE-2019-1664 Improper Access Control vulnerability in Cisco Hyperflex HX Data Platform
A vulnerability in the hxterm service of Cisco HyperFlex Software could allow an unauthenticated, local attacker to gain root access to all nodes in the cluster.
local
low complexity
cisco CWE-284
7.2
2019-02-20 CVE-2018-15380 OS Command Injection vulnerability in Cisco Hyperflex HX Data Platform 3.0(1A)/3.5(1A)
A vulnerability in the cluster service manager of Cisco HyperFlex Software could allow an unauthenticated, adjacent attacker to execute commands as the root user.
low complexity
cisco CWE-78
8.3

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Cisco 4427 230 3112 1861 609 5812