← ExploitWatch
HomeExploited Vulnerabilities

CVE-2021-1498 — Actively Exploited: HyperFlex HX (Cisco)

Cisco HyperFlex HX Installer Virtual Machine contains an insufficient input validation vulnerability which could allow an attacker to execute commands on an affected device as the tomcat8 user.

CVE IDCVE-2021-1498
VendorCisco
ProductHyperFlex HX
Vulnerability nameCisco HyperFlex HX Data Platform Command Injection Vulnerability
Date added2021-11-03
Remediation due2021-11-17
Known ransomware useUnknown
Required actionApply updates per vendor instructions.
DescriptionCisco HyperFlex HX Installer Virtual Machine contains an insufficient input validation vulnerability which could allow an attacker to execute commands on an affected device as the tomcat8 user.
SourceCISA Known Exploited Vulnerabilities

🔍 Search all exploited vulnerabilities →