Browse all 6 CVE security advisories affecting OSNEXUS. AI-powered Chinese analysis, POCs, and references for each vulnerability.
OSNEXUS develops storage management software for hyper-converged infrastructure. Historically, their products have faced vulnerabilities including remote code execution, cross-site scripting, and privilege escalation flaws. The company maintains six CVEs on record, with several issues allowing unauthorized access or system compromise. While no major public security incidents have been widely documented, the presence of multiple RCE vulnerabilities in past versions highlights potential attack surfaces. Security researchers have noted that some vulnerabilities could enable complete system compromise under specific configurations, emphasizing the need for timely patching and access controls in environments running their software.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2021-4406 | Authenticated Remote COmmand Execution as root in OSNEXUS QuantaStor version 6.0.0.355 and others — QuantaStorCWE-77 | 9.1 | Critical | 2023-07-10 |
| CVE-2021-42081 | Authenticated Remote Command Execution vulnerability in OSNEXUS QuantaStor before 6.0.0.355 — QuantaStorCWE-78 | 9.1 | Critical | 2023-07-10 |
| CVE-2021-42083 | Authenticated Stored XSS in OSNEXUS QuantaStor 6.0.0.335 — QuantaStorCWE-79 | 8.7 | High | 2023-07-10 |
| CVE-2021-42082 | Local Privilege Escalation to root in OSNEXUS QuantaStor before 6.0.0.355 — QuantaStorCWE-269 | 7.8 | High | 2023-07-10 |
| CVE-2021-42080 | Reflected XSS vulnerability in OSNEXUS QuantaStor before 6.0.0.355 — QuantaStorCWE-79 | 7.4 | High | 2023-07-10 |
| CVE-2021-42079 | SSRF vulnerability in OSNEXUS QuantaStor before 6.0.0.355 — QuantaStorCWE-918 | 6.2 | Medium | 2023-07-10 |
This page lists every published CVE security advisory associated with OSNEXUS. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.