Vulnerabilities > Cisco > Hyperflex HX Data Platform > 4.0.1a

DATE CVE VULNERABILITY TITLE RISK
2021-05-06 CVE-2021-1498 OS Command Injection vulnerability in Cisco Hyperflex HX Data Platform
Multiple vulnerabilities in the web-based management interface of Cisco HyperFlex HX could allow an unauthenticated, remote attacker to perform command injection attacks against an affected device.
network
low complexity
cisco CWE-78
critical
 9.8
9.8
2021-05-06 CVE-2021-1499 Missing Authentication for Critical Function vulnerability in Cisco Hyperflex HX Data Platform
A vulnerability in the web-based management interface of Cisco HyperFlex HX Data Platform could allow an unauthenticated, remote attacker to upload files to an affected device.
network
low complexity
cisco CWE-306
5.3
5.3
2019-08-08 CVE-2019-1958 Cross-Site Request Forgery (CSRF) vulnerability in Cisco Hyperflex HX Data Platform
A vulnerability in the web-based management interface of Cisco HyperFlex Software could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an affected system.
network
cisco CWE-352
6.8
6.8