Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
oncommand system manager vulnerabilities and exploits
(subscribe to this query)
187
VMScore
CVE-2020-8587
OnCommand System Manager 9.x versions before 9.3P20 and 9.4 before 9.4P3 are susceptible to a vulnerability that could allow HTTP clients to cache sensitive responses making them accessible to an attacker who has access to the system where the client runs.
Netapp Oncommand System Manager
Netapp Oncommand System Manager 9.3
Netapp Oncommand System Manager 9.4
605
VMScore
CVE-2016-5045
NetApp OnCommand System Manager prior to 9.0 allows remote malicious users to obtain sensitive credentials via vectors related to cluster peering setup.
Netapp Oncommand System Manager 8.3.2
Netapp Oncommand System Manager 8.3.1
Netapp Oncommand System Manager 8.3
356
VMScore
CVE-2016-5047
NetApp OnCommand System Manager 8.3.x prior to 8.3.2P5 allows remote authenticated users to cause a denial of service via unspecified vectors.
Netapp Oncommand System Manager 8.3.1
Netapp Oncommand System Manager 8.3.2
Netapp Oncommand System Manager 8.3
312
VMScore
CVE-2019-17276
OnCommand System Manager versions 9.3 before 9.3P18 and 9.4 before 9.4P2 are susceptible to a cross site scripting vulnerability that could allow an authenticated malicious user to inject arbitrary scripts into the SNMP Community Names label field.
Netapp Oncommand System Manager 9.3
Netapp Oncommand System Manager 9.4
534
VMScore
CVE-2013-3321
NetApp OnCommand System Manager 2.1 and previous versions allows remote malicious users to include arbitrary files through specially crafted requests to the "diagnostic" page using the SnapMirror log path parameter.
Netapp Oncommand System Manager
801
VMScore
CVE-2013-3322
NetApp OnCommand System Manager 2.1 and previous versions allows remote malicious users to inject arbitrary commands in the Halt/Reboot interface.
Netapp Oncommand System Manager
440
VMScore
CVE-2013-3320
Cross-site Scripting (XSS) vulnerability in NetApp OnCommand System Manager prior to 2.2 allows remote malicious users to inject arbitrary web script or HTML via the 'full-name' and 'comment' fields.
Netapp Oncommand System Manager
2 EDB exploits
392
VMScore
CVE-2016-3063
Multiple functions in NetApp OnCommand System Manager prior to 8.3.2 do not properly escape special characters, which allows remote authenticated users to execute arbitrary API calls via unspecified vectors.
Netapp Oncommand System Manager
445
VMScore
CVE-2020-11996
A specially crafted sequence of HTTP/2 requests sent to Apache Tomcat 10.0.0-M1 to 10.0.0-M5, 9.0.0.M1 to 9.0.35 and 8.5.0 to 8.5.55 could trigger high CPU usage for several seconds. If a sufficient number of such requests were made on concurrent HTTP/2 connections, the server co...
Apache Tomcat 9.0.0
Apache Tomcat 10.0.0
Apache Tomcat
Canonical Ubuntu Linux 20.04
Oracle Workload Manager 18c
Oracle Workload Manager 19c
Oracle Workload Manager 12.2.0.1
Oracle Siebel Ui Framework
Oracle Mysql Enterprise Monitor
Opensuse Leap 15.1
Opensuse Leap 15.2
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Netapp Oncommand System Manager 3.0
Netapp Oncommand System Manager 3.1.3
1 Github repository
384
VMScore
CVE-2020-7656
jquery before 1.9.0 allows Cross-site Scripting attacks via the load method. The load method fails to recognize and remove "<script>" HTML tags that contain a whitespace character, i.e: "</script >", which results in the enclosed script logic to be...
Jquery Jquery
Oracle Peoplesoft Enterprise Peopletools 8.58
Netapp Snap Creator Framework -
Netapp Cloud Backup -
Netapp Oncommand System Manager
Netapp Active Iq Unified Manager -
Juniper Junos 21.2
3 Github repositories
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
firmware
CVE-2006-4304
CVE-2024-32878
CVE-2024-31502
XSS
CVE-2024-3059
CVE-2024-33692
CVE-2024-3400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »