CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2018-15429

A vulnerability in the web-based UI of Cisco HyperFlex HX Data Platform Software could allow an unauthenticated, remote attacker to access sensitive information on an affected system. The vulnerability is due to a lack of proper input and authorization of HTTP requests. An attacker could exploit this vulnerability by sending a malicious HTTP request to the web-based UI of an affected system. A successful exploit could allow the attacker to access files that may contain sensitive data.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.004

EPSS Ranking 58.9%

CVSS Severity

CVSS v3 Score 5.3

CVSS v2 Score 5.0

References

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181003-hyperflex-uda
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181003-hyperflex-uda

Products affected by CVE-2018-15429

Cisco » Hyperflex Hx Data Platform » Version: 2.6(1d)

cpe:2.3:a:cisco:hyperflex_hx_data_platform:2.6(1d)
Cisco » Hyperflex Hx Data Platform » Version: 3.0(1a)

cpe:2.3:a:cisco:hyperflex_hx_data_platform:3.0(1a)

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-15429

Products

Pricing

Contact Us