Skip to main content

Hyperflex Hx240C M5 Firmware

3 CVEs product

Monthly

CVE-2019-1975 MEDIUM This Month

A vulnerability in the web-based interface of Cisco HyperFlex Software could allow an unauthenticated, remote attacker to execute a cross-frame scripting (XFS) attack on an affected device. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Information Disclosure Hyperflex Hx220C M5 Firmware Hyperflex Hx240C M5 Firmware Hyperflex Hx220C Af M5 Firmware +2
NVD
CVSS 3.1
6.1
EPSS
1.2%
CVE-2019-12620 MEDIUM This Month

A vulnerability in the statistics collection service of Cisco HyperFlex Software could allow an unauthenticated, remote attacker to inject arbitrary values on an affected device. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Code Injection Cisco Hyperflex Hx220C M5 Firmware Hyperflex Hx240C M5 Firmware Hyperflex Hx220C Af M5 Firmware +2
NVD
CVSS 3.1
5.3
EPSS
0.7%
CVE-2019-12621 HIGH This Week

A vulnerability in Cisco HyperFlex Software could allow an unauthenticated, remote attacker to perform a man-in-the-middle attack. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Cisco Information Disclosure Hyperflex Hx220C M5 Firmware Hyperflex Hx240C M5 Firmware Hyperflex Hx220C Af M5 Firmware +2
NVD
CVSS 3.1
7.4
EPSS
0.4%
EPSS 1% CVSS 6.1
MEDIUM This Month

A vulnerability in the web-based interface of Cisco HyperFlex Software could allow an unauthenticated, remote attacker to execute a cross-frame scripting (XFS) attack on an affected device. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Information Disclosure Hyperflex Hx220C M5 Firmware +4
NVD
EPSS 1% CVSS 5.3
MEDIUM This Month

A vulnerability in the statistics collection service of Cisco HyperFlex Software could allow an unauthenticated, remote attacker to inject arbitrary values on an affected device. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Code Injection Cisco Hyperflex Hx220C M5 Firmware +4
NVD
EPSS 0% CVSS 7.4
HIGH This Week

A vulnerability in Cisco HyperFlex Software could allow an unauthenticated, remote attacker to perform a man-in-the-middle attack. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Cisco Information Disclosure Hyperflex Hx220C M5 Firmware +4
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy