March 11, 2025
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
Rewterz Threat Advisory –CVE-2020-3161 – Cisco IP Phones Vulnerability
June 2, 2022Rewterz Threat Advisory –CVE-2018-0171 – Cisco IOS and Cisco IOS XE Smart Install Vulnerability
June 2, 2022Rewterz Threat Advisory –CVE-2020-3161 – Cisco IP Phones Vulnerability
June 2, 2022Rewterz Threat Advisory –CVE-2018-0171 – Cisco IOS and Cisco IOS XE Smart Install Vulnerability
June 2, 2022
Severity
High
Analysis Summary
CVE-2021-1498
Cisco HyperFlex HX Data Platform could allow a remote attacker to execute arbitrary commands on the system, caused by improper validation of input in the Web-based management interface. By sending a specially crafted request, an attacker could exploit this vulnerability to inject and execute arbitrary commands on the device tomcat8 user.
Impact
- Command Execution
Indicators Of Compromise
CVE
- CVE-2021-1498
Affected Vendors
Cisco
Affected Products
Cisco HyperFlex HX Data Platform 4.0
Cisco HyperFlex HX Data Platform 4.5
Remediation
Refer to Cisco Security Advisory for patch, upgrade or suggested workaround information.