Vulnerabilities > Cisco > Hyperflex HX Data Platform > 4.0.2a

DATE CVE VULNERABILITY TITLE RISK
2021-05-06 CVE-2021-1497 OS Command Injection vulnerability in Cisco Hyperflex HX Data Platform 4.0(2A)
Multiple vulnerabilities in the web-based management interface of Cisco HyperFlex HX could allow an unauthenticated, remote attacker to perform command injection attacks against an affected device.
network
low complexity
cisco CWE-78
critical
 9.8
9.8
2021-05-06 CVE-2021-1498 OS Command Injection vulnerability in Cisco Hyperflex HX Data Platform
Multiple vulnerabilities in the web-based management interface of Cisco HyperFlex HX could allow an unauthenticated, remote attacker to perform command injection attacks against an affected device.
network
low complexity
cisco CWE-78
critical
 9.8
9.8
2021-05-06 CVE-2021-1499 Missing Authentication for Critical Function vulnerability in Cisco Hyperflex HX Data Platform
A vulnerability in the web-based management interface of Cisco HyperFlex HX Data Platform could allow an unauthenticated, remote attacker to upload files to an affected device.
network
low complexity
cisco CWE-306
5.3
5.3