Multiple vulnerabilities in the web-based management interface of Cisco HyperFlex HX could allow an unauthenticated, remote attacker to perform command injection attacks against an affected device. For more information about these vulnerabilities, see the Details section of this advisory.
Capability ID | Capability Description | Mapping Type | ATT&CK ID | ATT&CK Name | Notes |
---|---|---|---|---|---|
CVE-2021-1497 | Cisco HyperFlex HX Installer Virtual Machine Command Injection Vulnerability | exploitation_technique | T1133 | External Remote Services |
Comments
CVE-2021-1497 is a critical vulnerability in the web-based management interface of Cisco HyperFlex HX Installer Virtual Machine. This vulnerability allows an unauthenticated, remote attacker to perform a command injection attack against an affected device
References
|
CVE-2021-1497 | Cisco HyperFlex HX Installer Virtual Machine Command Injection Vulnerability | primary_impact | T1059 | Command and Scripting Interpreter |
Comments
CVE-2021-1497 is a critical vulnerability in the web-based management interface of Cisco HyperFlex HX Installer Virtual Machine. This vulnerability allows an unauthenticated, remote attacker to perform a command injection attack against an affected device
References
|