CVE-2021-1497

Name of the Vulnerable Software and Affected Versions Cisco HyperFlex HX (affected versions not specified)

Description The issue is related to multiple vulnerabilities in the web-based management interface of Cisco HyperFlex HX, which could allow an unauthenticated, remote attacker to perform command injection attacks against an affected device. This is due to the failure to neutralize special elements used in operating system commands. Exploitation of the vulnerability may allow a remote attacker to execute arbitrary commands in the target system with root privileges.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.