CVE-2017-15515

NetApp SnapCenter Server prior to 4.0 is susceptible to cross site scripting vulnerability that could allow a privileged user to inject arbitrary scripts into the custom secondary policy label field...

Cross site scripting

NetApp SnapCenter Server prior to 4.0 is susceptible to cross site scripting vulnerability that could allow a privileged user to inject arbitrary scripts into the custom secondary policy label field...

CVE-2017-15515

NetApp SnapCenter Server prior to 4.0 is susceptible to cross site scripting vulnerability that could allow a privileged user to inject arbitrary scripts into the custom secondary policy label field...

CVE-2017-15515

NetApp SnapCenter Server prior to 4.0 is susceptible to cross site scripting vulnerability that could allow a privileged user to inject arbitrary scripts into the custom secondary policy label field...

CVE-2017-15515

NetApp SnapCenter Server prior to version 4.0 is affected by a cross-site scripting (XSS) vulnerability in the custom secondary policy label field. The issue is documented under CVE-2017-15515 and appears in multiple feeds (NVD, CVE List, CNVD). Impact stated in the sources: a privileged attacker...

NetApp Data ONTAP Detection Consolidation

Consolidation of NetApp Data ONTAP detections. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only include"pluginfeedinfo.inc"; if description...

Moderate: Red Hat Security Advisory: openstack-cinder security and bug fix update

An update for openstack-cinder is now available for Red Hat OpenStack Platform 13.0 Queens. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

Program Looks to Tap Military Vets for Cyber-Jobs

Cisco Talos, NetApp and Maryland’s state government announced an initiative to help military veterans in that state transition into civilian positions in cybersecurity. The hope is that it will address twin goals: To help the hundreds of thousands of discharged veterans flowing into the workplace...

CVE-2018-5492

NetApp E-Series SANtricity OS Controller Software 11.30 and later version 11.30.5 is susceptible to unauthenticated remote code execution...

Remote code execution

NetApp E-Series SANtricity OS Controller Software 11.30 and later version 11.30.5 is susceptible to unauthenticated remote code execution...

CVE-2018-5492

NetApp E-Series SANtricity OS Controller Software 11.30 and later version 11.30.5 is susceptible to unauthenticated remote code execution...

CVE-2018-5492

NetApp E-Series SANtricity OS Controller Software 11.30 and later version 11.30.5 is susceptible to unauthenticated remote code execution...

CVE-2018-5492

NetApp E-Series SANtricity OS Controller Software 11.30 and later (up to 11.30.5) is affected by CVE-2018-5492, enabling unauthenticated remote code execution. The vulnerability is due to a flaw in the controller OS that allows arbitrary code execution over the network without authentication, wit...

Security Bulletin: Multiple Vulnerabilities in OpenSSL affect IBM Spectrum Protect (formerly Tivoli Storage Manager) Client NetApp Services (CVE-2017-3737, CVE-2017-3738, CVE-2018-0733, CVE-2018-0739)

Summary OpenSSL vulnerabilities were disclosed on December 7, 2017 and March 27, 2018 by the OpenSSL Project. OpenSSL, used by the IBM Spectrum Protect formerly Tivoli Storage Manager Client for network connections with NetApp services, has addressed the applicable CVEs. Vulnerability Details...

NetApp 7-Mode Transition Tool Information Disclosure Vulnerability

NetApp 7-Mode Transition Tool is a data migration tool from the American company NetApp. A security vulnerability exists in NetApp 7-Mode Transition Tool prior to version 2.0, which stems from the program's failure to enforce authorization policies on previously collected file information and...

CVE-2018-5490

Read-Only export policy rules are not correctly enforced in Clustered Data ONTAP 8.3 Release Candidate versions and therefore may allow more than "read-only" access from authenticated SMBv2 and SMBv3 clients. This behavior has been resolved in the GA release. Customers running prior release...

Code injection

Read-Only export policy rules are not correctly enforced in Clustered Data ONTAP 8.3 Release Candidate versions and therefore may allow more than "read-only" access from authenticated SMBv2 and SMBv3 clients. This behavior has been resolved in the GA release. Customers running prior release...

CVE-2018-5490

Read-Only export policy rules are not correctly enforced in Clustered Data ONTAP 8.3 Release Candidate versions and therefore may allow more than "read-only" access from authenticated SMBv2 and SMBv3 clients. This behavior has been resolved in the GA release. Customers running prior release...

CVE-2018-5490

NetApp Data ONTAP 8.3 RC releases are affected by CVE-2018-5490 where read-only export policy rules were not correctly enforced, potentially allowing more than read-only access via authenticated SMBv2/v3 clients. The issue has been resolved in the GA 8.3 release; customers running RCs should upda...

CVE-2018-5490

Read-Only export policy rules are not correctly enforced in Clustered Data ONTAP 8.3 Release Candidate versions and therefore may allow more than "read-only" access from authenticated SMBv2 and SMBv3 clients. This behavior has been resolved in the GA release. Customers running prior release...