Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
netapp oncommand unified manager - vulnerabilities and exploits
(subscribe to this query)
4.6
CVSSv2
CVE-2018-5485
NetApp OnCommand Unified Manager for Windows versions 7.2 up to and including 7.3 are susceptible to a vulnerability which could lead to a privilege escalation attack.
Netapp Oncommand Unified Manager
3.5
CVSSv2
CVE-2017-7568
NetApp OnCommand Unified Manager for 7-Mode (core package) versions before 5.2.3 may disclose sensitive LDAP account information to authenticated users when the LDAP authentication configuration is tested via the user interface.
Netapp Oncommand Unified Manager
5
CVSSv2
CVE-2019-5494
OnCommand Unified Manager 7-Mode prior to version 5.2.4 shipped without certain HTTP Security headers configured which could allow an malicious user to obtain sensitive information via unspecified vectors.
Netapp Oncommand Unified Manager
5
CVSSv2
CVE-2019-5495
OnCommand Unified Manager for VMware vSphere, Linux and Windows before 9.5 shipped without certain HTTP Security headers configured which could allow an malicious user to obtain sensitive information via unspecified vectors.
Netapp Oncommand Unified Manager
5.8
CVSSv2
CVE-2018-5481
OnCommand Unified Manager for 7-Mode (core package) before 5.2.4 uses cookies that lack the secure attribute in certain circumstances making it vulnerable to impersonation via man-in-the-middle (MITM) attacks.
Netapp Oncommand Unified Manager
4.6
CVSSv2
CVE-2018-5486
NetApp OnCommand Unified Manager for Linux versions 7.2 though 7.3 ship with the Java Debug Wire Protocol (JDWP) enabled which allows unauthorized local malicious users to execute arbitrary code.
Netapp Oncommand Unified Manager
7.5
CVSSv2
CVE-2018-5487
NetApp OnCommand Unified Manager for Linux versions 7.2 up to and including 7.3 ship with the Java Management Extension Remote Method Invocation (JMX RMI) service bound to the network, and are susceptible to unauthenticated remote code execution.
Netapp Oncommand Unified Manager
4
CVSSv2
CVE-2018-3280
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: JSON). Supported versions that are affected are 8.0.12 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Ser...
Oracle Mysql
Netapp Snapcenter -
Netapp Storage Automation Store -
Netapp Oncommand Workflow Automation -
Netapp Oncommand Unified Manager
Netapp Oncommand Insight -
4
CVSSv2
CVE-2018-3137
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 8.0.12 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL...
Oracle Mysql
Netapp Snapcenter -
Netapp Storage Automation Store -
Netapp Oncommand Workflow Automation -
Netapp Oncommand Unified Manager
Netapp Oncommand Insight -
4
CVSSv2
CVE-2018-3145
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Parser). Supported versions that are affected are 8.0.12 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Se...
Oracle Mysql
Netapp Snapcenter -
Netapp Storage Automation Store -
Netapp Oncommand Unified Manager
Netapp Oncommand Workflow Automation -
Netapp Oncommand Insight -
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5834
CVE-2024-30100
CVE-2024-4577
physical
dos
CVE-2024-30099
CVE-2024-27801
CVE-2024-32146
logic flaw
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »