PT-2023-4965 · Cisco · Cisco Hyperflex Hx Data Platform
Published
2023-09-06
·
Updated
2024-12-29
·
CVE-2023-20263
CVSS v2.0
10
High
| Vector | AV:N/AC:L/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
Cisco HyperFlex HX Data Platform versions 5.0 through 5.5
Description
The issue is related to improper input validation of parameters in an HTTP request, allowing an unauthenticated, remote attacker to redirect a user to a malicious web page by persuading them to click a crafted link. This could enable the attacker to redirect the user to any arbitrary URL.
Recommendations
For Cisco HyperFlex HX Data Platform versions 5.0 through 5.5, update to a version that includes the fix for this issue.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Open Redirect
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Cisco Hyperflex Hx Data Platform