New security vulnerabilitities impact Cisco’s HyperFlex server infrastructure

• HyperFlex is Cisco’s hyper-converged infrastructure for cloud applications.
• The networking company identified a command injection vulnerability as well as a root access flaw in HyperFlex.

In its latest security advisories, Cisco has revealed two serious vulnerabilities existing in the multi-cloud platform Hyperflex. The advisories address a command injection vulnerability and a root access flaw respectively. Attackers could compromise HyperFlex software if they manage to exploit these bugs.

Command Injection vulnerability

The more severe one among the two is the command injection vulnerability. Cisco has mentioned that the bug is due to ‘insufficient input validation’ in the cluster service manager of Hyperflex.

Rogue actors could simply inject malicious commands into the cluster service manager allowing them admin privileges. The advisory concerning this bug shows it as ‘High’ severity with a CVSS Score of 8.8.

No workarounds are available as of now but the company has advised HyperFlex users to update the software to the latest version.

Root Access vulnerability

The second vulnerability is a root access flaw in a specific HyperFlex service called hxterm. Cisco indicates that the flaw is because of an authentication control issue. As a result, attackers can simply connect to the hxterm service as a local user and exploit it to gain root access for all member nodes in the HyperFlex cluster.

Just like the previous case, Cisco has advised users to update the software. No workarounds are available for this flaw either. The advisory shows it as ‘High’ severity and the bug has been rated with a CVSS Score of 8.1.

In February, Cisco has released a string of security advisories for many of its products. While most of them were related to arbitrary code execution vulnerabilities, some were related to Graphic services and cross-site scripting flaws as well. All of these have been patched in software updates brought out by Cisco.