Deploy autonomous AI agents that reason, exploit, and validate complex vulnerability chains — not another scanner, an agentic system that thinks like a senior pentester.
CVE-2019-1975 is a medium severity vulnerability with a CVSS score of 6.1. No known exploits currently, and patches are available.
Please cite this page when referencing data from Strobes VI. Proper attribution helps support our vulnerability intelligence research.
Very low probability of exploitation
EPSS predicts the probability of exploitation in the next 30 days based on real-world threat data, complementing CVSS severity scores with actual risk assessment.
A vulnerability in the web-based interface of Cisco HyperFlex Software could allow an unauthenticated, remote attacker to execute a cross-frame scripting (XFS) attack on an affected device. This vulnerability is due to insufficient HTML iframe protection. An attacker could exploit this vulnerability by directing a user to an attacker-controlled web page that contains a malicious HTML iframe. A successful exploit could allow the attacker to conduct clickjacking or other clientside browser attacks.
| Vendor | Product |
|---|---|
| Cisco | Hyperflex Hx240c M5 |
| Cisco | Hyperflex Hx220c M5 Firmware |
| Cisco | Hyperflex Hx240c M5 Firmware |
| Cisco | Hyperflex Hx220c Edge M5 Firmware |
| Cisco | Hyperflex Hx240c Af M5 Firmware |
| Cisco | Hyperflex Hx240c Af M5 |
| Cisco | Hyperflex Hx220c Edge M5 |
| Cisco | Hyperflex Hx220c Af M5 Firmware |
| Cisco | Hyperflex Hx220c Af M5 |
| Cisco | Hyperflex Hx220c M5 |