39 matches found
CVE-2022-23235
Active IQ Unified Manager for VMware vSphere, Linux, and Microsoft Windows versions prior to 9.10P1 are susceptible to a vulnerability which could allow an attacker to discover cluster, node and Active IQ Unified Manager specific information via AutoSupport telemetry data that is sent even when...
Netapp Active IQ Unified Manager 信息泄露漏洞
Netapp Active IQ Unified Manager is an ONTAP storage product monitoring and management solution from Network Appliance Netapp. The product supports features such as performance monitoring and secret key management. A security vulnerability exists in Netapp Active IQ Unified Manager versions prior...
PT-2022-3765 · Netapp · Active Iq Unified Manager
Name of the Vulnerable Software and Affected Versions: Active IQ Unified Manager for VMware vSphere, Linux, and Microsoft Windows versions prior to 9.10P1 Description: The issue is related to the insufficient protection of service data in the AutoSupport mechanism, which could allow an attacker t...
NetApp Clustered Data ONTAP Information Disclosure Vulnerability (CNVD-2021-12090)
NetApp Clustered Data ONTAP is NetApp's proprietary operating system for storage disk arrays. An information disclosure vulnerability exists in NetApp Clustered Data ONTAP versions prior to 9.1P18, 9.3P12. An attacker can exploit this vulnerability to discover node names via the AutoSupport bundl...
NetApp Clustered Data ONTAP Information Disclosure Vulnerability (CNVD-2021-12089)
NetApp Clustered Data ONTAP is NetApp's proprietary operating system for storage disk arrays. An information disclosure vulnerability exists in NetApp Clustered Data ONTAP versions prior to 9.3P20. An attacker can exploit this vulnerability via the AutoSupport bundle to discover node names even i...
CVE-2020-8590
Clustered Data ONTAP versions prior to 9.1P18 and 9.3P12 are susceptible to a vulnerability which could allow an attacker to discover node names via AutoSupport bundles even when the –remove-private-data parameter is set to true...
CVE-2020-8578
Clustered Data ONTAP versions prior to 9.3P20 are susceptible to a vulnerability which could allow an attacker to discover node names via AutoSupport bundles even when the –remove-private-data parameter is set to true...
CVE-2020-8590
Clustered Data ONTAP versions prior to 9.1P18 and 9.3P12 are susceptible to a vulnerability which could allow an attacker to discover node names via AutoSupport bundles even when the –remove-private-data parameter is set to true...
CVE-2020-8578
Clustered Data ONTAP versions prior to 9.3P20 are susceptible to a vulnerability which could allow an attacker to discover node names via AutoSupport bundles even when the –remove-private-data parameter is set to true...
Code injection
Clustered Data ONTAP versions prior to 9.1P18 and 9.3P12 are susceptible to a vulnerability which could allow an attacker to discover node names via AutoSupport bundles even when the –remove-private-data parameter is set to true...
Code injection
Clustered Data ONTAP versions prior to 9.3P20 are susceptible to a vulnerability which could allow an attacker to discover node names via AutoSupport bundles even when the –remove-private-data parameter is set to true...
CVE-2020-8590
Clustered Data ONTAP versions prior to 9.1P18 and 9.3P12 are susceptible to a vulnerability which could allow an attacker to discover node names via AutoSupport bundles even when the –remove-private-data parameter is set to true...
CVE-2020-8578
Clustered Data ONTAP versions prior to 9.3P20 are susceptible to a vulnerability which could allow an attacker to discover node names via AutoSupport bundles even when the –remove-private-data parameter is set to true...
CVE-2020-8578
CVE-2020-8578 affects NetApp Clustered Data ONTAP versions prior to 9.3P20. The vulnerability enables information disclosure by allowing an attacker to discover node names via AutoSupport bundles, even when the remove-private-data parameter is set to true. The NVD/NIST entry lists a Low severity ...
Netapp Clustered Data ONTAP 安全漏洞
NetApp Clustered Data ONTAP is NetApp's proprietary operating system for storage disk arrays. An information disclosure vulnerability exists in NetApp Clustered Data ONTAP versions prior to 9.3P20. An attacker can exploit this vulnerability via the AutoSupport bundle to discover node names even i...
Netapp Clustered Data ONTAP 安全漏洞
NetApp Clustered Data ONTAP is NetApp's proprietary operating system for storage disk arrays. An information disclosure vulnerability exists in NetApp Clustered Data ONTAP versions prior to 9.1P18, 9.3P12. An attacker can exploit this vulnerability to discover node names via the AutoSupport bundl...
CVE-2016-1404
Cisco UCS Invicta 4.3, 4.5, and 5.0.1 on Invicta appliances and Invicta Scaling System uses the same hardcoded GnuPG encryption key across different customers' installations, which allows remote attackers to defeat cryptographic protection mechanisms by sniffing network traffic to an Autosupport...
CVE-2016-1404
CVE-2016-1404 affects Cisco UCS Invicta software, including Invicta 4.3, 4.5, and 5.0.1 on Invicta appliances and Invicta Scaling System. The root cause is a single hardcoded GnuPG encryption key used across different customer installations, enabling remote attackers to defeat cryptographic prote...
Cisco UCS Invicta Software Default GPG Key Vulnerability
A vulnerability in Cisco UCS Invicta Software could allow an unauthenticated, remote attacker to access some encrypted information, if the attacker can intercept communication between an affected system and a Cisco UCS Invicta Autosupport server. The vulnerability is due to the presence of a...