RSS   Vulnerabilities for 'Cohesity dataplatform'   RSS

2021-04-02
 
CVE-2021-28124

CWE-287
 

 
A man-in-the-middle vulnerability in Cohesity DataPlatform support channel in version 6.3 up to 6.3.1g, 6.4 up to 6.4.1c and 6.5.1 through 6.5.1b. Missing server authentication in impacted versions can allow an attacker to Man-in-the-middle (MITM) support channel UI session to Cohesity DataPlatform cluster.

 
 
CVE-2021-28123

CWE-798
 

 
Undocumented Default Cryptographic Key Vulnerability in Cohesity DataPlatform version 6.3 prior 6.3.1g, 6.4 up to 6.4.1c and 6.5.1 through 6.5.1b. The ssh key can provide an attacker access to the linux system in the affected version.

 


Copyright 2024, cxsecurity.com

 

Back to Top