CVE-2023-20263

A vulnerability in the web-based management interface of Cisco HyperFlex HX Data Platform could allow an unauthenticated, remote attacker to redirect a user to a malicious web page. This vulnerability is due to improper input validation of the parameters in an HTTP request. An attacker could exploit this vulnerability by persuading a user to click a crafted link. A successful exploit could allow the attacker to redirect a user to a malicious website.

Severity	MEDIUM
CVSS	4.7
EPSS	0.36% EPSS medium
CWE	CWE-601
KEV
Published	2 years ago
Modified	1 year ago

Public Affected Products

Product	Advisory	Evidence
Cisco HyperFlex HX Data Platform	cisco-sa-hyperflex-redirect-UxLgqdUF	Cisco CSAF · structured affected