Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Cisco HyperFlex Software Unauthenticated Root Access Vulnerability
Vulnerability Description
A vulnerability in the hxterm service of Cisco HyperFlex Software could allow an unauthenticated, local attacker to gain root access to all nodes in the cluster. The vulnerability is due to insufficient authentication controls. An attacker could exploit this vulnerability by connecting to the hxterm service as a non-privileged, local user. A successful exploit could allow the attacker to gain root access to all member nodes of the HyperFlex cluster. This vulnerability affects Cisco HyperFlex Software Releases prior to 3.5(2a).
CVSS Information
N/A
Vulnerability Type
访问控制不恰当
Vulnerability Title
Cisco HyperFlex Software 访问控制错误漏洞
Vulnerability Description
Cisco HyperFlex Software是美国思科(Cisco)公司的一套套可扩展的分布式文件系统。该系统通过云管理提供统一的计算、存储和网络,并提供企业级数据管理和优化服务。 Cisco HyperFlex Software 3.5(2a)之前版本中的hxterm服务存在访问控制错误漏洞,该漏洞源于程序没有进行充分的身份验证控制。本地攻击者可通过连接hxterm服务利用该漏洞获取集群上所有节点的root访问权限。
CVSS Information
N/A
Vulnerability Type
N/A