CVE-2023-20263

CVSS 3.1 Score 6.1 of 10 (medium)

Details

Published Sep 6, 2023

Updated: Jan 25, 2024

CWE ID 601

Summary

CVE-2023-20263 is a newly disclosed vulnerability affecting the web-based management interface of Cisco HyperFlex HX Data Platform. This issue allows unauthenticated, remote attackers to redirect users to malicious websites through improper input validation of HTTP request parameters. An attacker could capitalize on this vulnerability by crafting links that, if clicked, would redirect users to malicious sites. Successful exploitation could lead to potential data theft or installation of malware on affected systems. Users are advised to update their Cisco HyperFlex HX Data Platform software as soon as possible to mitigate this threat.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Vendors

Cisco Systems Inc

Advisories, Assessments, and Mitigations

Back to Vulnerability Database