Vulnerabilities > Cisco > Hyperflex HX Data Platform > 3.0.1a

DATE CVE VULNERABILITY TITLE RISK
2018-10-05 CVE-2018-15423 Improper Restriction of Rendered UI Layers or Frames vulnerability in Cisco Hyperflex HX Data Platform 2.6(1D)/3.0(1A)
A vulnerability in the web UI of Cisco HyperFlex Software could allow an unauthenticated, remote attacker to affect the integrity of a device via a clickjacking attack.
network
low complexity
cisco CWE-1021
4.7
4.7
2018-10-05 CVE-2018-15407 Incomplete Cleanup vulnerability in Cisco Hyperflex HX Data Platform 3.0(1A)
A vulnerability in the installation process of Cisco HyperFlex Software could allow an authenticated, local attacker to read sensitive information.
local
low complexity
cisco CWE-459
5.5
5.5
2018-10-05 CVE-2018-15382 External Control of Critical State Data vulnerability in Cisco Hyperflex HX Data Platform 3.0(1A)
A vulnerability in Cisco HyperFlex Software could allow an unauthenticated, remote attacker to generate valid, signed session tokens.
network
low complexity
cisco CWE-642
8.6
8.6