Cisco HyperFlex HX Data Platform - File Upload Vulnerability CVE-2021-1499 Scanner

Details
Stay Up To Date
Asset Type

DOMAIN,IP

Need Membership

Yes

Asset Verify

Yes

API Support

Yes

Estimate Time (Second)

10

Cisco HyperFlex HX Data Platform - File Upload Vulnerability CVE-2021-1499 Scanner Detail

Cisco HyperFlex HX Data Platform allows arbitrary file upload vulnerability.

A vulnerability in the web-based management interface of Cisco HyperFlex HX Data Platform could allow an unauthenticated, remote attacker to upload files to an affected device. This vulnerability is due to missing authentication for the upload function. An attacker could exploit this vulnerability by sending a specific HTTP request to an affected device. A successful exploit could allow the attacker to upload files to the affected device with the permissions of the tomcat8 user.

Some Advice for Common Problems

  • You need to apply related fixes.
  • Sanitize all parameters received as input from the user.

Community Discussions

Need a Full Assesment?

Get help from professional hackers. Learn about our penetration test service now!

Request Pentest Service