March 22, 2024
Severity High Analysis Summary Ducktail Malware is a malicious program designed by hackers to infiltrate computers and networks globally. Ducktail malware is typically delivered through a […]
Rewterz Threat Alert – STRRAT Malware – Active IOCs
December 21, 2022
Rewterz Threat Advisory – CVE-2018-0147 – Cisco Secure Access Control System Vulnerability Exploit in the Wild
December 21, 2022
Rewterz Threat Alert – STRRAT Malware – Active IOCs
December 21, 2022
Rewterz Threat Advisory – CVE-2018-0147 – Cisco Secure Access Control System Vulnerability Exploit in the Wild
December 21, 2022
Severity
High
Analysis Summary
CVE-2021-1497
Cisco HyperFlex HX Installer Virtual Machine could allow a remote attacker to execute arbitrary commands on the system, caused by improper validation of input in the Web-based management interface. By sending a specially crafted request, an attacker could exploit this vulnerability to inject and execute arbitrary commands on the device with root privileges.
Impact
Command Execution
Indicators Of Compromise
CVE
- CVE-2021-1497
Affected Vendors
Cisco
Affected Products
- Cisco HyperFlex HX Installer Virtual Machine 4.0
- Cisco HyperFlex HX Installer Virtual Machine 4.5
Remediation
Refer to Cisco Security Advisory for patch, upgrade or suggested workaround information.