Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
oncommand system manager vulnerabilities and exploits
(subscribe to this query)
2.1
CVSSv2
CVE-2020-8587
OnCommand System Manager 9.x versions before 9.3P20 and 9.4 before 9.4P3 are susceptible to a vulnerability that could allow HTTP clients to cache sensitive responses making them accessible to an attacker who has access to the system where the client runs.
Netapp Oncommand System Manager
Netapp Oncommand System Manager 9.3
Netapp Oncommand System Manager 9.4
4
CVSSv2
CVE-2016-5047
NetApp OnCommand System Manager 8.3.x prior to 8.3.2P5 allows remote authenticated users to cause a denial of service via unspecified vectors.
Netapp Oncommand System Manager 8.3.1
Netapp Oncommand System Manager 8.3.2
Netapp Oncommand System Manager 8.3
6.8
CVSSv2
CVE-2016-5045
NetApp OnCommand System Manager prior to 9.0 allows remote malicious users to obtain sensitive credentials via vectors related to cluster peering setup.
Netapp Oncommand System Manager 8.3.2
Netapp Oncommand System Manager 8.3.1
Netapp Oncommand System Manager 8.3
3.5
CVSSv2
CVE-2019-17276
OnCommand System Manager versions 9.3 before 9.3P18 and 9.4 before 9.4P2 are susceptible to a cross site scripting vulnerability that could allow an authenticated malicious user to inject arbitrary scripts into the SNMP Community Names label field.
Netapp Oncommand System Manager 9.3
Netapp Oncommand System Manager 9.4
4.3
CVSSv2
CVE-2013-3320
Cross-site Scripting (XSS) vulnerability in NetApp OnCommand System Manager prior to 2.2 allows remote malicious users to inject arbitrary web script or HTML via the 'full-name' and 'comment' fields.
Netapp Oncommand System Manager
2 EDB exploits
6
CVSSv2
CVE-2013-3321
NetApp OnCommand System Manager 2.1 and previous versions allows remote malicious users to include arbitrary files through specially crafted requests to the "diagnostic" page using the SnapMirror log path parameter.
Netapp Oncommand System Manager
9
CVSSv2
CVE-2013-3322
NetApp OnCommand System Manager 2.1 and previous versions allows remote malicious users to inject arbitrary commands in the Halt/Reboot interface.
Netapp Oncommand System Manager
4.4
CVSSv2
CVE-2016-3063
Multiple functions in NetApp OnCommand System Manager prior to 8.3.2 do not properly escape special characters, which allows remote authenticated users to execute arbitrary API calls via unspecified vectors.
Netapp Oncommand System Manager
5
CVSSv2
CVE-2020-11996
A specially crafted sequence of HTTP/2 requests sent to Apache Tomcat 10.0.0-M1 to 10.0.0-M5, 9.0.0.M1 to 9.0.35 and 8.5.0 to 8.5.55 could trigger high CPU usage for several seconds. If a sufficient number of such requests were made on concurrent HTTP/2 connections, the server co...
Apache Tomcat 9.0.0
Apache Tomcat 10.0.0
Apache Tomcat
Canonical Ubuntu Linux 20.04
Oracle Workload Manager 18c
Oracle Workload Manager 19c
Oracle Workload Manager 12.2.0.1
Oracle Siebel Ui Framework
Oracle Mysql Enterprise Monitor
Opensuse Leap 15.1
Opensuse Leap 15.2
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Netapp Oncommand System Manager 3.0
Netapp Oncommand System Manager 3.1.3
1 Github repository
4.3
CVSSv2
CVE-2020-7656
jquery before 1.9.0 allows Cross-site Scripting attacks via the load method. The load method fails to recognize and remove "<script>" HTML tags that contain a whitespace character, i.e: "</script >", which results in the enclosed script logic to be...
Jquery Jquery
Oracle Peoplesoft Enterprise Peopletools 8.58
Netapp Snap Creator Framework -
Netapp Cloud Backup -
Netapp Oncommand System Manager
Netapp Active Iq Unified Manager -
Juniper Junos 21.2
3 Github repositories
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3661
open redirect
CVE-2024-25512
CVE-2024-33788
command injection
SSTI
CVE-2024-0043
CVE-2024-29210
CVE-2024-25510
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »