OS Command Injection in HyperFlex HX - CVE-2021-1497
Published: May 6, 2021 / Updated: August 25, 2021
Vulnerability identifier: #VU52944
CSH Severity: Critical
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:A/U:Red
CVE-ID: CVE-2021-1497
CWE-ID: CWE-78
Exploitation vector: Remote access
Exploit availability:
The vulnerability is being exploited in the wild
Vendor: Cisco Systems, Inc
Affected software:
HyperFlex HX
HyperFlex HX
Detailed vulnerability description
The vulnerability allows a remote attacker to execute arbitrary shell commands on the target system.
The vulnerability exists due to improper input validation in the web-based management interface. A remote unauthenticated attacker can pass specially crafted data to the application and execute arbitrary OS commands on the target system as the root user.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
Note, the vulnerability is being exploited in-the-wild by the Mirai botnet in August 2021.
How to mitigate CVE-2021-1497
Install updates from vendor's website.