A vulnerability in the cluster service manager of Cisco HyperFlex Software could allow an unauthenticated, adjacent attacker to execute commands as the root user. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by connecting to the cluster service manager and injecting commands into the bound process. A successful exploit could allow the attacker to run commands on the affected host as the root user. This vulnerability affects Cisco HyperFlex Software releases prior to 3.5(2a).
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: cisco
Published: 2019-02-20T23:00:00Z
Updated: 2024-09-17T01:26:44.170Z
Reserved: 2018-08-17T00:00:00
Link: CVE-2018-15380
Vulnrichment
No data.
NVD
Status : Modified
Published: 2019-02-20T23:29:00.193
Modified: 2019-10-09T23:35:29.437
Link: CVE-2018-15380
Redhat
No data.