⚠ Actively exploited
Added to CISA KEV on 2021-11-03. Federal agencies required to patch by 2021-11-17. Required action: Apply updates per vendor instructions..

CVE-2021-1498

CWE-78OS Command InjectionCWE-77Command Injection9 documents8 sources
Severity
9.8CRITICAL
EPSS
94.2%
top 0.08%
CISA KEV
KEV
Added 2021-11-03
Due 2021-11-17
Exploit
Exploited in wild
Active exploitation observed
Affected products
2
Cisco Hyperflex HX Data PlatformCisco Cisco Hyperflex HX Data Platform
Timeline
PublishedMay 6
KEV addedNov 3
KEV dueNov 17
Latest updateMay 24
CISA Required Action: Apply updates per vendor instructions.

Description

Multiple vulnerabilities in the web-based management interface of Cisco HyperFlex HX could allow an unauthenticated, remote attacker to perform command injection attacks against an affected device. For more information about these vulnerabilities, see the Details section of this advisory.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages2 packages

NVDcisco/hyperflex_hx_data_platform4.54.5\(2a\)+1

🔴Vulnerability Details

3
GHSA
GHSA-h6vv-5xx4-c25q: Multiple vulnerabilities in the web-based management interface of Cisco HyperFlex HX could allow an unauthenticated, remote attacker to perform comman2022-05-24
CVEList
Cisco HyperFlex HX Command Injection Vulnerabilities2021-05-06
VulnCheck
Cisco HyperFlex HX Data Platform Command Injection Vulnerability2021

💥Exploits & PoCs

1
Nuclei
Cisco HyperFlex HX Data Platform - Remote Command Execution

🔍Detection Rules

2
Suricata
ET EXPLOIT Cisco HyperFlex HX RCE Outbound (CVE-2021-1498)2021-07-08
Suricata
ET EXPLOIT Cisco HyperFlex HX RCE Inbound (CVE-2021-1498)2021-07-08

📋Vendor Advisories

2
CISA
Cisco HyperFlex HX Data Platform Command Injection Vulnerability2021-11-03
Cisco
Cisco HyperFlex HX Command Injection Vulnerabilities2021-05-05