QID 730894
Date Published: 2023-09-20
QID 730894: Cisco HyperFlex HX Data Platform Open Redirect Vulnerability (cisco-sa-hyperflex-redirect-UxLgqdUF)
A vulnerability in the web-based management interface of Cisco HyperFlex HX Data Platform could allow an unauthenticated, remote attacker to redirect a user to a malicious web page.
Affected Products
Prior to 5.0(2c)
from 5.5 prior to 5.5(1a)
QID Detection Logic (unauthenticated):
The QID matches the Vulnerable versions of Cisco HyperFlex by sending HTTP GET request to 'hx/api/about'.
A successful exploit could allow the attacker to redirect a user to a malicious website.
Solution
Customers are advised to refer to cisco-sa-hyperflex-redirect-UxLgqdUF for more information.
Vendor References
- cisco-sa-hyperflex-redirect-UxLgqdUF -
sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-hyperflex-redirect-UxLgqdUF
CVEs related to QID 730894
Software Advisories
| Advisory ID | Software | Component | Link |
|---|---|---|---|
| cisco-sa-hyperflex-redirect-UxLgqdUF |
|