CVE-2019-12621

A vulnerability in Cisco HyperFlex Software could allow an unauthenticated, remote attacker to perform a man-in-the-middle attack. The vulnerability is due to insufficient key management. An attacker could exploit this vulnerability by obtaining a specific encryption key for the cluster. A successful exploit could allow the attacker to perform a man-in-the-middle attack against other nodes in the cluster.

Data: Cisco advisories 1 day ago · Cisco CSAF 5 hours ago · NVD CVEs 8 hours ago · NVD CPEs 1 day ago · CISA KEV 1 day ago · EPSS 1 day ago

Severity	HIGH
CVSS	7.4
EPSS	0.06% EPSS low
CWE	CWE-320
KEV
Published	6 years ago
Modified	1 year ago

Products with public affected evidence

Product	Advisory	Affected evidence
Cisco HyperFlex HX-Series	cisco-sa-20190821-hyperflex-sslkey	structured affected CSAF product_status