Vulnerabilities > Cisco > Hyperflex HX Data Platform
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-10-05 | CVE-2018-15429 | Missing Authorization vulnerability in Cisco Hyperflex HX Data Platform 2.6(1D)/3.0(1A) A vulnerability in the web-based UI of Cisco HyperFlex HX Data Platform Software could allow an unauthenticated, remote attacker to access sensitive information on an affected system. | 5.3 |
| 2018-10-05 | CVE-2018-15423 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Cisco Hyperflex HX Data Platform 2.6(1D)/3.0(1A) A vulnerability in the web UI of Cisco HyperFlex Software could allow an unauthenticated, remote attacker to affect the integrity of a device via a clickjacking attack. | 4.7 |
| 2018-10-05 | CVE-2018-15407 | Incomplete Cleanup vulnerability in Cisco Hyperflex HX Data Platform 3.0(1A) A vulnerability in the installation process of Cisco HyperFlex Software could allow an authenticated, local attacker to read sensitive information. | 5.5 |
| 2018-10-05 | CVE-2018-15382 | External Control of Critical State Data vulnerability in Cisco Hyperflex HX Data Platform 3.0(1A) A vulnerability in Cisco HyperFlex Software could allow an unauthenticated, remote attacker to generate valid, signed session tokens. | 8.6 |
| 2017-11-16 | CVE-2017-12315 | Information Exposure vulnerability in Cisco Hyperflex HX Data Platform 2.6(1A) A vulnerability in system logging when replication is being configured with the Cisco HyperFlex System could allow an authenticated, local attacker to view sensitive information that should be restricted in the system log files. | 6.0 |