Advisory ID: cisco-sa-20190220-hyper-xss CVE ID: CVE-2019-1665 CWE ID: CWE-79 Severity: Medium CVSS Score: 4.7 First Published: 2019 February 20 16:00 GMT Version: 1.0 Status: Final Summary: The vulnerability in the web-based management interface of Cisco HyperFlex software allows an unauthenticated remote attacker to conduct a cross-site scripting (XSS) attack. Affected Products - Vulnerable Products: Cisco HyperFlex - No products confirmed not vulnerable Workarounds: None known. Fixed Software: Customers are advised to consult Cisco bug ID(s) for software upgrades. Source: Found during internal security testing. URL: Cisco Security Advisory Link