Support Us — Your donation helps us keep running

Goal: 1000 CNY,Raised: 1000 CNY

100.0%
Donate Now
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2020-3389
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
Cisco Hyperflex HX-Series Software Weak Storage Vulnerability
Source: NVD (National Vulnerability Database)
Vulnerability Description
A vulnerability in the installation component of Cisco Hyperflex HX-Series Software could allow an authenticated, local attacker to retrieve the password that was configured at installation on an affected device. The vulnerability exists because sensitive information is stored as clear text. An attacker could exploit this vulnerability by authenticating to an affected device and navigating to the directory that contains sensitive information. A successful exploit could allow the attacker to obtain sensitive information in clear text from the affected device.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
加密问题
Source: NVD (National Vulnerability Database)
Vulnerability Title
Cisco Hyperflex HX-Series Software安装模块加密问题漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Cisco HyperFlex Software是美国思科(Cisco)公司的一套套可扩展的分布式文件系统。该系统通过云管理提供统一的计算、存储和网络,并提供企业级数据管理和优化服务。 Cisco Hyperflex HX-Series Software 4.0(2a)及之前版本中的安装组件存在加密问题漏洞,该漏洞源于程序将敏感信息存储为明文形式。本地攻击者可向设备进行身份验证并导航到带有敏感信息的路径利用该漏洞获取敏感信息。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
VendorProductAffected VersionsCPESubscribe
CiscoCisco HyperFlex HX Data Platform n/a -
II. Public POCs for CVE-2020-3389
#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC
III. Intelligence Information for CVE-2020-3389
Please Login to view more intelligence information
New Vulnerabilities
Product: Cisco HyperFlex HX Data Platform
Vendor: Cisco
Same weakness: CWE-310
V. Comments for CVE-2020-3389

No comments yet

Leave a comment