netapp service level manager - vulnerabilities and exploits

(subscribe to this query)

All versions of OnCommand API Services before 2.1 and NetApp Service Level Manager before 1.0RC4 log a privileged database user account password. All users are urged to move to a fixed version. Since the affected password is changed during every upgrade/installation no further ac...

Netapp Oncommand Api Services Netapp Service Level Manager Netapp Service Level Manager 1.0

In logback version 1.2.7 and prior versions, an attacker with the required privileges to edit configurations files could craft a malicious configuration allowing to execute arbitrary code loaded from LDAP servers.

Qos Logback Qos Logback 1.3.0 Redhat Satellite 6.0 Netapp Cloud Manager -Netapp Service Level Manager -Netapp Snap Creator Framework -Siemens Sinec Nms

5 Github repositories

A flaw was found in jackson-databind prior to 2.9.10.7. FasterXML mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

Fasterxml Jackson-databind Netapp Active Iq Unified Manager -Netapp Oncommand Api Services -Netapp Oncommand Insight -Netapp Service Level Manager -Apache Nifi Debian Debian Linux 9.0 Oracle Commerce Guided Search And Experience Manager 11.3.2

A memory leak flaw was found in WildFly in all versions up to 21.0.0.Final, where host-controller tries to reconnect in a loop, generating new connections which are not properly closed while not able to connect to domain-controller. This flaw allows an malicious user to cause an ...

Redhat Wildfly Redhat Fuse 6.0.0 Redhat Jboss Data Grid 7.0.0 Redhat Jboss Enterprise Application Platform 7.0.0 Redhat Jboss Fuse 7.0.0 Redhat Openshift Application Runtimes -Redhat Single Sign-on 7.0 Netapp Active Iq Unified Manager -Netapp Oncommand Insight -Netapp Service Level Manager -

A memory leak flaw was found in WildFly OpenSSL in versions before 1.1.3.Final, where it removes an HTTP session. It may allow the malicious user to cause OOM leading to a denial of service. The highest threat from this vulnerability is to system availability.

Redhat Wildfly Openssl Redhat Data Grid 8.0 Redhat Jboss Data Grid 7.0.0 Redhat Jboss Enterprise Application Platform 7.0.0 Redhat Jboss Fuse 7.0.0 Redhat Openshift Application Runtimes -Redhat Single Sign-on 7.0 Netapp Oncommand Insight -Netapp Oncommand Workflow Automation -Netapp Service Level Manager -

FasterXML jackson-databind 2.0.0 up to and including 2.9.10.2 lacks certain xbean-reflect/JNDI blocking, as demonstrated by org.apache.xbean.propertyeditor.JndiConverter.

Fasterxml Jackson-databind Debian Debian Linux 8.0 Netapp Oncommand Api Services -Netapp Oncommand Workflow Automation -Netapp Service Level Manager -Netapp Steelstore Cloud Integrated Storage -Huawei Oceanstor 9000 Firmware V300r006c20 Huawei Oceanstor 9000 Firmware V300r006c20spc100 Huawei Oceanstor 9000 Firmware V300r006c20spc200 Huawei Oceanstor 9000 Firmware V300r006c20spc300 Oracle Global Lifecycle Management Opatch

7 Github repositories

A Polymorphic Typing issue exists in FasterXML jackson-databind prior to 2.9.10. It is related to net.sf.ehcache.hibernate.EhcacheJtaTransactionManagerLookup.

Fasterxml Jackson-databind Netapp Active Iq Unified Manager Netapp Oncommand Api Services -Netapp Oncommand Workflow Automation -Netapp Service Level Manager -Netapp Steelstore Cloud Integrated Storage -Debian Debian Linux 8.0 Redhat Jboss Enterprise Application Platform 7.2 Redhat Jboss Enterprise Application Platform 7.3 Oracle Customer Management And Segmentation Foundation Oracle Goldengate Application Adapters 19.1.0.0.0 Oracle Retail Customer Management And Segmentation Foundation 17.0

Versions of lodash lower than 4.17.12 are vulnerable to Prototype Pollution. The function defaultsDeep could be tricked into adding or modifying properties of Object.prototype using a constructor payload.

Lodash Lodash Netapp Active Iq Unified Manager -Netapp Service Level Manager -Redhat Virtualization Manager 4.3 Oracle Banking Extensibility Workbench 14.3.0 Oracle Banking Extensibility Workbench 14.4.0 F5 Big-ip Access Policy Manager F5 Big-ip Advanced Firewall Manager F5 Big-ip Analytics F5 Big-ip Application Acceleration Manager F5 Big-ip Application Security Manager F5 Big-ip Application Visibility And Reporting

4 Github repositories

The ASN.1 parser in Bouncy Castle Crypto (aka BC Java) 1.63 can trigger a large attempted memory allocation, and resultant OutOfMemoryError error, via crafted ASN.1 data. This is fixed in 1.64.

Bouncycastle Legion-of-the-bouncy-castle-java-crytography-api 1.63 Apache Tomee 7.0.7 Apache Tomee 7.1.2 Apache Tomee 8.0.1 Netapp Active Iq Unified Manager Netapp Oncommand Api Services -Netapp Oncommand Workflow Automation -Netapp Service Level Manager -Oracle Business Process Management Suite 12.2.1.3.0 Oracle Business Process Management Suite 12.2.1.4.0 Oracle Communications Convergence Oracle Communications Diameter Signaling Router

FasterXML jackson-databind 2.x prior to 2.9.10.2 lacks certain net.sf.ehcache blocking.

Fasterxml Jackson-databind Oracle Banking Platform Oracle Communications Billing And Revenue Management 7.5.0.23.0 Oracle Communications Billing And Revenue Management 12.0.0.3.0 Oracle Communications Cloud Native Core Network Slice Selection Function 1.2.1 Oracle Communications Contacts Server 8.0.0.4.0 Oracle Communications Evolved Communications Application Server 7.1 Oracle Communications Instant Messaging Server 10.0.1.4.0 Oracle Communications Network Charging And Control Oracle Communications Network Charging And Control 6.0.1 Oracle Customer Management And Segmentation Foundation 18.0 Oracle Enterprise Manager Base Platform 13.3.0.0

1 2 3 4 5 NEXT »

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook