{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-11T17:18:12.252","vulnerabilities":[{"cve":{"id":"CVE-2019-12621","sourceIdentifier":"psirt@cisco.com","published":"2019-08-21T18:15:13.353","lastModified":"2024-11-21T04:23:12.397","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability in Cisco HyperFlex Software could allow an unauthenticated, remote attacker to perform a man-in-the-middle attack. The vulnerability is due to insufficient key management. An attacker could exploit this vulnerability by obtaining a specific encryption key for the cluster. A successful exploit could allow the attacker to perform a man-in-the-middle attack against other nodes in the cluster."},{"lang":"es","value":"Una vulnerabilidad en el software Cisco HyperFlex podría permitir que un atacante remoto no autenticado realice un ataque man-in-the-middle. La vulnerabilidad se debe a una gestión de claves insuficiente. Un atacante podría aprovechar esta vulnerabilidad al obtener una clave de cifrado específica para el clúster. Una explotación exitosa podría permitir al atacante realizar un ataque de hombre en el medio contra otros nodos en el clúster."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N","baseScore":7.4,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":2.2,"impactScore":5.2}],"cvssMetricV30":[{"source":"psirt@cisco.com","type":"Secondary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N","baseScore":6.8,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":1.6,"impactScore":5.2}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:P/I:P/A:N","baseScore":5.8,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":4.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"psirt@cisco.com","type":"Secondary","description":[{"lang":"en","value":"CWE-320"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-327"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:cisco:hyperflex_hx220c_m5_firmware:3.0\\(1a\\):*:*:*:*:*:*:*","matchCriteriaId":"58FC3EAE-8782-4B0E-9A4E-44992AC084C4"},{"vulnerable":true,"criteria":"cpe:2.3:o:cisco:hyperflex_hx220c_m5_firmware:3.5\\(2a\\):*:*:*:*:*:*:*","matchCriteriaId":"178FAB77-1990-4E88-B807-B4D894009AFD"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:hyperflex_hx220c_m5:-:*:*:*:*:*:*:*","matchCriteriaId":"6E19D6AF-E190-463D-B359-BB02362490D1"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:cisco:hyperflex_hx240c_m5_firmware:3.0\\(1a\\):*:*:*:*:*:*:*","matchCriteriaId":"CC9E6658-E058-4A76-9793-1A2DEB361A2A"},{"vulnerable":true,"criteria":"cpe:2.3:o:cisco:hyperflex_hx240c_m5_firmware:3.5\\(2a\\):*:*:*:*:*:*:*","matchCriteriaId":"90FA83FB-2D2E-4456-8362-9C5046346107"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:hyperflex_hx240c_m5:-:*:*:*:*:*:*:*","matchCriteriaId":"5009EC3A-40C9-44B0-8E5E-599657F819FA"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:cisco:hyperflex_hx220c_af_m5_firmware:3.0\\(1a\\):*:*:*:*:*:*:*","matchCriteriaId":"5E0F3A0F-5A96-425F-9885-D0EFDB3A57B1"},{"vulnerable":true,"criteria":"cpe:2.3:o:cisco:hyperflex_hx220c_af_m5_firmware:3.5\\(2a\\):*:*:*:*:*:*:*","matchCriteriaId":"E03529C2-1F95-4392-8845-68250211476B"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:hyperflex_hx220c_af_m5:-:*:*:*:*:*:*:*","matchCriteriaId":"0D5AFDE1-3A3B-4AF8-A425-492558B0B2EA"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:cisco:hyperflex_hx240c_af_m5_firmware:3.0\\(1a\\):*:*:*:*:*:*:*","matchCriteriaId":"BAD7F4B8-8287-4962-BA46-394F34ECC3BE"},{"vulnerable":true,"criteria":"cpe:2.3:o:cisco:hyperflex_hx240c_af_m5_firmware:3.5\\(2a\\):*:*:*:*:*:*:*","matchCriteriaId":"22F1CD5A-59FD-4F15-97DB-3FB7AF169E11"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:hyperflex_hx240c_af_m5:-:*:*:*:*:*:*:*","matchCriteriaId":"EFF775A8-5A2C-42B7-B26C-85921D803A25"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:cisco:hyperflex_hx220c_edge_m5_firmware:3.0\\(1a\\):*:*:*:*:*:*:*","matchCriteriaId":"8FF29A95-E8D3-4299-AE77-B7A349A9389F"},{"vulnerable":true,"criteria":"cpe:2.3:o:cisco:hyperflex_hx220c_edge_m5_firmware:3.5\\(2a\\):*:*:*:*:*:*:*","matchCriteriaId":"10CD6BC0-5CE5-43C9-B078-28D12EFAFBA2"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:hyperflex_hx220c_edge_m5:-:*:*:*:*:*:*:*","matchCriteriaId":"9B38E0BA-D320-406B-8739-6218B96DFD24"}]}]}],"references":[{"url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190821-hyperflex-sslkey","source":"psirt@cisco.com","tags":["Vendor Advisory"]},{"url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190821-hyperflex-sslkey","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}