CVE-2018-5487

NetApp OnCommand Unified Manager for Linux versions 7.2 through 7.3 ship with the Java Management Extension Remote Method Invocation JMX RMI service bound to the network, and are susceptible to unauthenticated remote code execution...

CVE-2018-5485

NetApp OnCommand Unified Manager for Windows versions 7.2 through 7.3 are susceptible to a vulnerability which could lead to a privilege escalation attack...

Privilege escalation

NetApp OnCommand Unified Manager for Windows versions 7.2 through 7.3 are susceptible to a vulnerability which could lead to a privilege escalation attack...

CVE-2018-5487

NetApp OnCommand Unified Manager for Linux versions 7.2 through 7.3 ship with the Java Management Extension Remote Method Invocation JMX RMI service bound to the network, and are susceptible to unauthenticated remote code execution...

Remote code execution

NetApp OnCommand Unified Manager for Linux versions 7.2 through 7.3 ship with the Java Management Extension Remote Method Invocation JMX RMI service bound to the network, and are susceptible to unauthenticated remote code execution...

CVE-2018-5485

NetApp OnCommand Unified Manager for Windows versions 7.2–7.3 contain an elevation of privilege vulnerability. This is documented in multiple sources (NVD/CNVD) with the vulnerability described as allowing privilege escalation on affected Windows installations. The documents do not provide the ex...

CVE-2018-5487

NetApp OnCommand Unified Manager for Linux (versions 7.2–7.3) is affected. The JMX RMI service is bound to the network, enabling unauthenticated remote code execution. Documented by multiple sources (NVD entry CVE-2018-5487 and CNVD-2018-10340) withImpact described as remote arbitrary code execut...

CVE-2018-5485

NetApp OnCommand Unified Manager for Windows versions 7.2 through 7.3 are susceptible to a vulnerability which could lead to a privilege escalation attack...

CVE-2018-5487

NetApp OnCommand Unified Manager for Linux versions 7.2 through 7.3 ship with the Java Management Extension Remote Method Invocation JMX RMI service bound to the network, and are susceptible to unauthenticated remote code execution...

Multiple CPU Hardware CVE-2018-3639 Information Disclosure Vulnerability

Description Multiple CPU Hardware are prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in further attacks. Technologies Affected ARM Cortex A15 ARM Cortex A57 ARM Cortex A72 IBM AIX 5.3 IBM AIX 6.1 IBM AIX 7.1 IBM Aix...

NetApp OnCommand Unified Manager for Linux Arbitrary Code Execution Vulnerability

NetApp OnCommand Unified Manager for Linux is a set of Linux-based ONTAP system management software from the U.S. company NetApp. The software can simplify data management, monitoring storage system infrastructure and detect faults and so on. A security vulnerability exists in NetApp OnCommand...

CVE-2018-5486

NetApp OnCommand Unified Manager for Linux versions 7.2 though 7.3 ship with the Java Debug Wire Protocol JDWP enabled which allows unauthorized local attackers to execute arbitrary code...

CVE-2018-5486

NetApp OnCommand Unified Manager for Linux versions 7.2 though 7.3 ship with the Java Debug Wire Protocol JDWP enabled which allows unauthorized local attackers to execute arbitrary code...

Code injection

NetApp OnCommand Unified Manager for Linux versions 7.2 though 7.3 ship with the Java Debug Wire Protocol JDWP enabled which allows unauthorized local attackers to execute arbitrary code...

CVE-2018-5486

CVE-2018-5486 affects NetApp OnCommand Unified Manager for Linux versions 7.2 through 7.3, where the Java Debug Wire Protocol (JDWP) is left enabled. This enables unauthorized local attackers to execute arbitrary code. The connected sources corroborate an arbitrary code execution impact due to JD...

CVE-2018-5486

NetApp OnCommand Unified Manager for Linux versions 7.2 though 7.3 ship with the Java Debug Wire Protocol JDWP enabled which allows unauthorized local attackers to execute arbitrary code...

NetApp SnapCenter Information Disclosure Vulnerability

NetApp SnapCenter is a suite of applications from NetApp, Inc. that provide the ability to back up, validate, clone, and restore NetApp storage systems.NetApp SnapCenter Server is a server version... A security vulnerability exists in NetApp SnapCenter versions 2.0 through 3.0.1. A remote attacke...

NetApp OnCommand API Services and Service Level Manager Information Disclosure Vulnerability

NetApp OnCommand API Services and Service Level Manager are both products of the U.S. NetApp OnCommand API Services is a set of API management tools.Service Level Manager is service content management software. An information disclosure vulnerability exists in NetApp OnCommand API Services versio...

CVE-2017-15518

All versions of OnCommand API Services prior to 2.1 and NetApp Service Level Manager prior to 1.0RC4 log a privileged database user account password. All users are urged to move to a fixed version. Since the affected password is changed during every upgrade/installation no further action is...

CVE-2017-15518

All versions of OnCommand API Services prior to 2.1 and NetApp Service Level Manager prior to 1.0RC4 log a privileged database user account password. All users are urged to move to a fixed version. Since the affected password is changed during every upgrade/installation no further action is...