Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
snapcenter vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2023-1096
SnapCenter versions 4.7 before 4.7P2 and 4.8 before 4.8P1 are susceptible to a vulnerability which could allow a remote unauthenticated malicious user to gain access as an admin user.
Netapp Snapcenter 4.8
Netapp Snapcenter 4.7
8.8
CVSSv3
CVE-2017-15516
NetApp SnapCenter Server versions 1.1 up to and including 2.x are susceptible to a Cross-Site Request Forgery (CSRF) vulnerability which could be used to cause an unintended authenticated action in the user interface.
Netapp Snapcenter Server 2.0
Netapp Snapcenter Server 1.1
5.5
CVSSv3
CVE-2022-23234
SnapCenter versions before 4.5 are susceptible to a vulnerability which could allow a local authenticated malicious user to discover plaintext HANA credentials.
Netapp Snapcenter
7.5
CVSSv3
CVE-2022-38732
SnapCenter versions before 4.7 shipped without Content Security Policy (CSP) implemented which could allow certain types of attacks that otherwise would be prevented.
Netapp Snapcenter
7.8
CVSSv3
CVE-2023-27316
SnapCenter versions 4.8 up to and including 4.9 are susceptible to a vulnerability which may allow an authenticated SnapCenter Server user to become an admin user on a remote system where a SnapCenter plug-in has been installed.
Netapp Snapcenter
8.8
CVSSv3
CVE-2023-27313
SnapCenter versions 3.x and 4.x before 4.9 are susceptible to a vulnerability which may allow an authenticated unprivileged user to gain access as an admin user.
Netapp Snapcenter
5.3
CVSSv3
CVE-2018-5482
NetApp SnapCenter Server before 4.1 does not set the secure flag for a sensitive cookie in an HTTPS session which can allow the transmission of the cookie in plain text over an unencrypted channel.
Netapp Snapcenter Server
4.8
CVSSv3
CVE-2017-15515
NetApp SnapCenter Server before 4.0 is susceptible to cross site scripting vulnerability that could allow a privileged user to inject arbitrary scripts into the custom secondary policy label field.
Netapp Snapcenter Server
7.2
CVSSv3
CVE-2017-15519
Versions of SnapCenter 2.0 up to and including 3.0.1 allow unauthenticated remote malicious users to view and modify backup related data via the Plug-in for NAS File Services. All users are urged to move to version 3.0.1 and perform the mitigation steps or upgrade to 4.0 followin...
Netapp Snapcenter Server
NA
CVE-2007-2379
The jQuery framework exchanges data using JavaScript Object Notation (JSON) without an associated protection scheme, which allows remote malicious users to obtain the data via a web page that retrieves the data through a URL in the SRC attribute of a SCRIPT element and captures t...
Jquery Jquery -
Netapp Snapcenter -
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
XXE
CVE-2024-34490
SQL injection
CVE-2024-34488
CVE-2024-4507
CVE-2023-7028
CVE-2024-23187
TCP
CVE-2024-4439
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »