Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
netapp oncommand unified manager vulnerabilities and exploits
(subscribe to this query)
5.5
CVSSv3
CVE-2020-8585
OnCommand Unified Manager Core Package versions before 5.2.5 may disclose sensitive account information to unauthorized users via the use of PuTTY Link (plink).
Netapp Oncommand Unified Manager
7.5
CVSSv3
CVE-2019-5495
OnCommand Unified Manager for VMware vSphere, Linux and Windows before 9.5 shipped without certain HTTP Security headers configured which could allow an malicious user to obtain sensitive information via unspecified vectors.
Netapp Oncommand Unified Manager
7.4
CVSSv3
CVE-2018-5481
OnCommand Unified Manager for 7-Mode (core package) before 5.2.4 uses cookies that lack the secure attribute in certain circumstances making it vulnerable to impersonation via man-in-the-middle (MITM) attacks.
Netapp Oncommand Unified Manager
7.8
CVSSv3
CVE-2018-5485
NetApp OnCommand Unified Manager for Windows versions 7.2 up to and including 7.3 are susceptible to a vulnerability which could lead to a privilege escalation attack.
Netapp Oncommand Unified Manager
7.8
CVSSv3
CVE-2018-5486
NetApp OnCommand Unified Manager for Linux versions 7.2 though 7.3 ship with the Java Debug Wire Protocol (JDWP) enabled which allows unauthorized local malicious users to execute arbitrary code.
Netapp Oncommand Unified Manager
9.8
CVSSv3
CVE-2018-5487
NetApp OnCommand Unified Manager for Linux versions 7.2 up to and including 7.3 ship with the Java Management Extension Remote Method Invocation (JMX RMI) service bound to the network, and are susceptible to unauthenticated remote code execution.
Netapp Oncommand Unified Manager
4.3
CVSSv3
CVE-2017-11461
NetApp OnCommand Unified Manager for 7-mode (core package) versions before 5.2.1 are susceptible to a clickjacking or "UI redress attack" which could be used to cause a user to perform an unintended action in the user interface.
Netapp Oncommand Unified Manager
4.9
CVSSv3
CVE-2018-3279
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Roles). Supported versions that are affected are 8.0.12 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromis...
Oracle Mysql
Netapp Snapcenter -
Netapp Storage Automation Store -
Netapp Oncommand Workflow Automation -
Netapp Oncommand Unified Manager
Netapp Oncommand Insight -
6.5
CVSSv3
CVE-2018-3137
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 8.0.12 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL...
Oracle Mysql
Netapp Snapcenter -
Netapp Storage Automation Store -
Netapp Oncommand Workflow Automation -
Netapp Oncommand Unified Manager
Netapp Oncommand Insight -
6.5
CVSSv3
CVE-2018-3203
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 8.0.12 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL...
Oracle Mysql
Netapp Snapcenter -
Netapp Storage Automation Store -
Netapp Oncommand Unified Manager
Netapp Oncommand Workflow Automation -
Netapp Oncommand Insight -
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
logic flaw
CVE-2024-23692
CVE-2024-26229
CVE-2024-35255
CVE-2024-5835
CVE-2024-5837
XML external entity
dos
CVE-2024-5813
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »