Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

netapp oncommand system manager vulnerabilities and exploits

(subscribe to this query)
8.1
CVSSv3
CVE-2021-20190
A flaw was found in jackson-databind prior to 2.9.10.7. FasterXML mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
Fasterxml Jackson-databindNetapp Oncommand Insight -Netapp Service Level Manager -Netapp Oncommand Api Services -Netapp Active Iq Unified Manager -Apache NifiDebian Debian Linux 9.0Oracle Commerce Guided Search And Experience Manager 11.3.2
7.5
CVSSv3
CVE-2020-11996
A specially crafted sequence of HTTP/2 requests sent to Apache Tomcat 10.0.0-M1 to 10.0.0-M5, 9.0.0.M1 to 9.0.35 and 8.5.0 to 8.5.55 could trigger high CPU usage for several seconds. If a sufficient number of such requests were made on concurrent HTTP/2 connections, the server co...
Apache Tomcat 9.0.0Apache Tomcat 10.0.0Apache TomcatCanonical Ubuntu Linux 20.04Oracle Workload Manager 18cOracle Workload Manager 19cOracle Workload Manager 12.2.0.1Oracle Siebel Ui FrameworkOracle Mysql Enterprise MonitorOpensuse Leap 15.1Opensuse Leap 15.2Debian Debian Linux 9.0Debian Debian Linux 10.0Netapp Oncommand System Manager 3.0Netapp Oncommand System Manager 3.1.3
5.5
CVSSv3
CVE-2021-3522
GStreamer prior to 1.18.4 may perform an out-of-bounds read when handling certain ID3v2 tags.
Gstreamer Project GstreamerNetapp Snapmanager -Netapp Oncommand Workflow Automation -Netapp Oncommand Insight -Netapp E-series Santricity Storage Manager -Netapp Solidfire -Netapp Hci Management Node -Netapp Active Iq Unified Manager -Netapp Santricity Unified Manager -Netapp E-series Santricity Web Services -Netapp E-series Santricity Os ControllerOracle Openjdk 8
7.5
CVSSv3
CVE-2022-43551
A vulnerability exists in curl <7.87.0 HSTS check that could be bypassed to trick it to keep using HTTP. Using its HSTS support, curl can be instructed to use HTTPS instead of using an insecure clear-text HTTP step even when HTTP is provided in the URL. However, the HSTS mecha...
Haxx CurlFedoraproject Fedora 37Netapp Snapcenter -Netapp Oncommand Workflow Automation -Netapp Oncommand Insight -Netapp Active Iq Unified Manager -Splunk Universal Forwarder 9.1.0Splunk Universal Forwarder
3.1
CVSSv3
CVE-2021-35588
Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Java SE: 7u311, 8u301; Oracle GraalVM Enterprise Edition: 20.3.3 and 21.2.0. Difficult to exploit vulnerability allows unauthen...
Oracle Openjdk 8Oracle Openjdk 7Oracle Graalvm 20.3.3Oracle Graalvm 21.2.0Netapp Snapmanager -Netapp Oncommand Workflow Automation -Netapp Oncommand Insight -Netapp E-series Santricity Storage Manager -Netapp Solidfire -Netapp Hci Management Node -Netapp Active Iq Unified Manager -Netapp Santricity Unified Manager -Netapp E-series Santricity Web Services -Netapp E-series Santricity Os ControllerFedoraproject Fedora 33Fedoraproject Fedora 34Fedoraproject Fedora 35Debian Debian Linux 9.0
7
CVSSv3
CVE-2019-12418
When Apache Tomcat 9.0.0.M1 to 9.0.28, 8.5.0 to 8.5.47, 7.0.0 and 7.0.97 is configured with the JMX Remote Lifecycle Listener, a local attacker without access to the Tomcat process or configuration files is able to manipulate the RMI registry to perform a man-in-the-middle attack...
Apache TomcatDebian Debian Linux 8.0Debian Debian Linux 9.0Debian Debian Linux 10.0Oracle Workload Manager 18cOracle Workload Manager 19cOracle Workload Manager 12.2.0.1Canonical Ubuntu Linux 16.04Opensuse Leap 15.1Netapp Oncommand System Manager
5.3
CVSSv3
CVE-2021-35565
Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Java SE: 7u311, 8u301, 11.0.12; Oracle GraalVM Enterprise Edition: 20.3.3 and 21.2.0. Easily exploitable vulnerability allows unau...
Oracle Openjdk 11.0.12Oracle Openjdk 8Oracle Openjdk 7Oracle Graalvm 20.3.3Oracle Graalvm 21.2.0Netapp Snapmanager -Netapp Oncommand Workflow Automation -Netapp Oncommand Insight -Netapp E-series Santricity Storage Manager -Netapp E-series Santricity Os ControllerNetapp Solidfire -Netapp Hci Management Node -Netapp Active Iq Unified Manager -Netapp Santricity Unified Manager -Netapp E-series Santricity Web Services -Fedoraproject Fedora 33Fedoraproject Fedora 34Fedoraproject Fedora 35Debian Debian Linux 9.0Debian Debian Linux 10.0Debian Debian Linux 11.0
5.3
CVSSv3
CVE-2021-35578
Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Java SE: 8u301, 11.0.12, 17; Oracle GraalVM Enterprise Edition: 20.3.3 and 21.2.0. Easily exploitable vulnerability allows unauthe...
Oracle Openjdk 17Oracle Openjdk 11.0.12Oracle Openjdk 8Oracle Graalvm 20.3.3Oracle Graalvm 21.2.0Netapp Snapmanager -Netapp Oncommand Workflow Automation -Netapp Oncommand Insight -Netapp E-series Santricity Storage Manager -Netapp E-series Santricity Os ControllerNetapp Solidfire -Netapp Hci Management Node -Netapp Active Iq Unified Manager -Netapp Santricity Unified Manager -Netapp E-series Santricity Web Services -Debian Debian Linux 9.0Debian Debian Linux 10.0Debian Debian Linux 11.0Fedoraproject Fedora 33Fedoraproject Fedora 34Fedoraproject Fedora 35
6.8
CVSSv3
CVE-2021-35567
Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Java SE: 8u301, 11.0.12, 17; Oracle GraalVM Enterprise Edition: 20.3.3 and 21.2.0. Easily exploitable vulnerability allows lo...
Oracle Openjdk 17Oracle Openjdk 11.0.12Oracle Openjdk 8Oracle Graalvm 20.3.3Oracle Graalvm 21.2.0Netapp Snapmanager -Netapp Oncommand Workflow Automation -Netapp Oncommand Insight -Netapp E-series Santricity Storage Manager -Netapp E-series Santricity Os ControllerNetapp Solidfire -Netapp Hci Management Node -Netapp Active Iq Unified Manager -Netapp Santricity Unified Manager -Netapp E-series Santricity Web Services -Debian Debian Linux 9.0Debian Debian Linux 10.0Debian Debian Linux 11.0Fedoraproject Fedora 33Fedoraproject Fedora 34Fedoraproject Fedora 35
5.3
CVSSv3
CVE-2021-35561
Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Utility). Supported versions that are affected are Java SE: 7u311, 8u301, 11.0.12, 17; Oracle GraalVM Enterprise Edition: 20.3.3 and 21.2.0. Easily exploitable vulnerability allo...
Oracle Openjdk 17Oracle Openjdk 11.0.12Oracle Openjdk 8Oracle Openjdk 7Oracle Graalvm 20.3.3Oracle Graalvm 21.2.0Netapp Snapmanager -Netapp Oncommand Workflow Automation -Netapp Oncommand Insight -Netapp E-series Santricity Storage Manager -Netapp E-series Santricity Os ControllerNetapp Solidfire -Netapp Hci Management Node -Netapp Active Iq Unified Manager -Netapp Santricity Unified Manager -Netapp E-series Santricity Web Services -Fedoraproject Fedora 33Fedoraproject Fedora 34Fedoraproject Fedora 35Debian Debian Linux 9.0Debian Debian Linux 10.0Debian Debian Linux 11.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
injectionCVE-2024-30983CVE-2023-4235CVE-2024-21338privilegeencryptionCVE-2023-4232CVE-2024-31497CVE-2024-32341
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook