CVE-2017-15518

CVE-2017-15518 affects NetApp OnCommand API Services (versions prior to 2.1) and NetApp Service Level Manager (prior to 1.0RC4). Root cause is that a privileged database user password is logged during operation; the vulnerability is mitigated by upgrading to the fixed versions. Documents indicate...

CVE-2017-15518

All versions of OnCommand API Services prior to 2.1 and NetApp Service Level Manager prior to 1.0RC4 log a privileged database user account password. All users are urged to move to a fixed version. Since the affected password is changed during every upgrade/installation no further action is...

NetApp AltaVault OST Plugin Information Disclosure Vulnerability

NetApp AltaVault is a cloud storage solution from NetApp, Inc. that features scalability, data encryption, and support for data backup and recovery. The solution features scalability, data encryption, and support for data backup and recovery.OST Plug-in is one of the APIs used to provide backup a...

NetApp Clustered Data ONTAP Denial of Service Vulnerability

NetApp Clustered Data ONTAP is a set of storage operating system for clustered mode from American NetApp. The system supports users to enhance the performance of enterprise applications and improve data center flexibility and so on. A denial of service vulnerability exists in NetApp Clustered Dat...

Design/Logic Flaw

NetApp Clustered Data ONTAP versions 9.x prior to 9.1P10 and 9.2P2 are susceptible to a vulnerability which allows an attacker to cause a Denial of Service DoS in SMB environments...

CVE-2017-14583

NetApp Clustered Data ONTAP versions 9.x prior to 9.1P10 and 9.2P2 are susceptible to a vulnerability which allows an attacker to cause a Denial of Service DoS in SMB environments...

CVE-2017-14583

NetApp Clustered Data ONTAP versions 9.x prior to 9.1P10 and 9.2P2 are susceptible to a vulnerability which allows an attacker to cause a Denial of Service DoS in SMB environments...

CVE-2017-14583

NetApp Clustered Data ONTAP (versions 9.x before 9.1P10 and 9.2P2) is affected by CVE-2017-14583, a vulnerability that can cause Denial of Service in SMB environments. The root cause is not explicitly detailed in the provided documents beyond the affected versions and the DoS impact. The CVE refe...

CVE-2017-14583

NetApp Clustered Data ONTAP versions 9.x prior to 9.1P10 and 9.2P2 are susceptible to a vulnerability which allows an attacker to cause a Denial of Service DoS in SMB environments...

NetApp VASA Provider for Clustered Data ONTAP Information Disclosure Vulnerability

NetApp VASA Provider for Clustered Data ONTAP is a virtual program for VASA for Clustered Data ONTAP storage systems from NetApp, USA. The program is capable of providing communication capabilities between storage arrays. A security vulnerability exists in NetApp VASA Provider for Clustered Data...

NetApp OnCommand Unified Manager Unauthorized Operation Vulnerability

NetApp OnCommand Unified Manager is a set of ONTAP system management software from the U.S. company NetApp. The software can simplify data management, monitoring storage system infrastructure and detect faults. A security vulnerability exists in NetApp OnCommand Unified Manager versions prior to...

NetApp SnapCenter Server Cross-Site Request Forgery Vulnerability

NetApp SnapCenter is a suite of applications from NetApp, Inc. that provide the ability to back up, validate, clone, and restore NetApp storage systems.NetApp SnapCenter Server is a server version... A cross-site request forgery vulnerability exists in NetApp SnapCenter Server versions 1.1 throug...

Information disclosure

AltaVault OST Plug-in versions prior to 1.2.2 may allow attackers to obtain sensitive information via unspecified vectors. All users are urged to move to a fixed version and change passwords used by Veritas NetBackup to access the OST shares on the NetApp AltaVault as a precaution...

CVE-2017-15517

AltaVault OST Plug-in versions prior to 1.2.2 may allow attackers to obtain sensitive information via unspecified vectors. All users are urged to move to a fixed version and change passwords used by Veritas NetBackup to access the OST shares on the NetApp AltaVault as a precaution...

CVE-2017-15517

CVE-2017-15517 affects the NetApp AltaVault OST Plug-in (versions prior to 1.2.2). The vulnerability enables a local attacker to obtain sensitive information via unspecified vectors, resulting in partial confidentiality impact (no integrity/availability impact stated). The fixed version is 1.2.2 ...

CVE-2017-15517

AltaVault OST Plug-in versions prior to 1.2.2 may allow attackers to obtain sensitive information via unspecified vectors. All users are urged to move to a fixed version and change passwords used by Veritas NetBackup to access the OST shares on the NetApp AltaVault as a precaution...

CVE-2017-15516

NetApp SnapCenter Server versions 1.1 through 2.x are susceptible to a Cross-Site Request Forgery CSRF vulnerability which could be used to cause an unintended authenticated action in the user interface...

CVE-2017-15516

NetApp SnapCenter Server versions 1.1 through 2.x are susceptible to a Cross-Site Request Forgery CSRF vulnerability which could be used to cause an unintended authenticated action in the user interface...

Cross site request forgery (csrf)

NetApp SnapCenter Server versions 1.1 through 2.x are susceptible to a Cross-Site Request Forgery CSRF vulnerability which could be used to cause an unintended authenticated action in the user interface...

CVE-2017-15516

NetApp SnapCenter Server versions 1.1–2.x are vulnerable to Cross-Site Request Forgery (CSRF) that can cause unintended authenticated actions in the UI. The issue is caused by CSRF in the server’s web interface, enabling an attacker to exploit a user’s authenticated session to perform actions wit...