Intrusion PreventionCisco.HyperFlex.HX.upload.Handling.Directory.Traversal
Description
This indicates an attack attempt to exploit a Directory Traversal Vulnerability in Cisco Systems HyperFlex Software.
The vulnerability is due to improper input sanitization. A remote, unauthenticated attacker can exploit this vulnerability by sending a crafted request to the web-based management interface of the target server. Successful exploitation could lead to arbitrary file creation on the target system
Affected Products
Cisco Systems HyperFlex Software prior to 4.0(2e)
Cisco Systems HyperFlex Software prior to 4.5(2a)
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Apply the most recent upgrade or patch from the vendor.
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-hyperflex-upload-KtCK8Ugz
Telemetry
Coverage
| IPS (Regular DB) | |
| IPS (Extended DB) |
Version Updates
| Date | Version | Detail |
|---|---|---|
| 2021-07-19 | 18.122 | Default_action:pass:drop |
| 2021-07-07 | 18.115 | |
| 2021-07-07 | 18.114 | |
| 2021-07-07 | 18.113 |
| ID | 50438 |
| Created | May 31, 2021 |
| Updated | Jul 16, 2021 |
| Risk |
|
| CVE ID | CVE-2021-1499 |
| Exploit Prediction Score | 96.52% |
| Default Action | drop |
| Active | |
| Affected OS | Other |
| Affected App | Cisco |