Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
netapp oncommand system manager vulnerabilities and exploits
(subscribe to this query)
2.1
CVSSv2
CVE-2020-8587
OnCommand System Manager 9.x versions before 9.3P20 and 9.4 before 9.4P3 are susceptible to a vulnerability that could allow HTTP clients to cache sensitive responses making them accessible to an attacker who has access to the system where the client runs.
Netapp Oncommand System Manager
Netapp Oncommand System Manager 9.3
Netapp Oncommand System Manager 9.4
6.8
CVSSv2
CVE-2016-5045
NetApp OnCommand System Manager prior to 9.0 allows remote malicious users to obtain sensitive credentials via vectors related to cluster peering setup.
Netapp Oncommand System Manager 8.3
Netapp Oncommand System Manager 8.3.1
Netapp Oncommand System Manager 8.3.2
4
CVSSv2
CVE-2016-5047
NetApp OnCommand System Manager 8.3.x prior to 8.3.2P5 allows remote authenticated users to cause a denial of service via unspecified vectors.
Netapp Oncommand System Manager 8.3
Netapp Oncommand System Manager 8.3.1
Netapp Oncommand System Manager 8.3.2
3.5
CVSSv2
CVE-2019-17276
OnCommand System Manager versions 9.3 before 9.3P18 and 9.4 before 9.4P2 are susceptible to a cross site scripting vulnerability that could allow an authenticated malicious user to inject arbitrary scripts into the SNMP Community Names label field.
Netapp Oncommand System Manager 9.3
Netapp Oncommand System Manager 9.4
4.4
CVSSv2
CVE-2016-3063
Multiple functions in NetApp OnCommand System Manager prior to 8.3.2 do not properly escape special characters, which allows remote authenticated users to execute arbitrary API calls via unspecified vectors.
Netapp Oncommand System Manager
6
CVSSv2
CVE-2013-3321
NetApp OnCommand System Manager 2.1 and previous versions allows remote malicious users to include arbitrary files through specially crafted requests to the "diagnostic" page using the SnapMirror log path parameter.
Netapp Oncommand System Manager
9
CVSSv2
CVE-2013-3322
NetApp OnCommand System Manager 2.1 and previous versions allows remote malicious users to inject arbitrary commands in the Halt/Reboot interface.
Netapp Oncommand System Manager
4.3
CVSSv2
CVE-2013-3320
Cross-site Scripting (XSS) vulnerability in NetApp OnCommand System Manager prior to 2.2 allows remote malicious users to inject arbitrary web script or HTML via the 'full-name' and 'comment' fields.
Netapp Oncommand System Manager
2 EDB exploits
4.3
CVSSv2
CVE-2020-7656
jquery before 1.9.0 allows Cross-site Scripting attacks via the load method. The load method fails to recognize and remove "<script>" HTML tags that contain a whitespace character, i.e: "</script >", which results in the enclosed script logic to be...
Jquery Jquery
Oracle Peoplesoft Enterprise Peopletools 8.58
Netapp Active Iq Unified Manager -
Netapp Cloud Backup -
Netapp Oncommand System Manager
Netapp Snap Creator Framework -
Juniper Junos 21.2
1 Github repository
6.5
CVSSv2
CVE-2018-12538
In Eclipse Jetty versions 9.4.0 up to and including 9.4.8, when using the optional Jetty provided FileSessionDataStore for persistent storage of HttpSession details, it is possible for a malicious user to access/hijack other HttpSessions and even delete unmatched HttpSessions pre...
Eclipse Jetty
Netapp E-series Santricity Management Plug-ins -
Netapp E-series Santricity Os Controller
Netapp E-series Santricity Web Services Proxy -
Netapp Element Software -
Netapp Hyper Converged Infrastructure -
Netapp Oncommand System Manager
Netapp Oncommand Unified Manager -
Netapp Santricity Cloud Connector -
Netapp Snap Creator Framework -
Netapp Snapcenter -
Netapp Snapmanager -
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
SQL injection
CVE-2024-52320
SQL
logic flaw
CVE-2024-6387
CVE-2024-11457
CVE-2024-11329
CVE-2024-50404
CVE-2023-48788
Home
/
Search Results
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »