CVE-2015-3292

The installer in NetApp OnCommand Workflow Automation before 2.2.1P1 and 3.x before 3.0P1 sets up the Java Debugging Wire Protocol JDWP service, which allows remote attackers to execute arbitrary code via unspecified vectors...

Vulnerability in NetApp OnCommand Balance

NetApp OnCommand Balance is a NetApp solution that provides guidance on how to optimize the performance and capacity of virtual and physical data center infrastructures. A security vulnerability exists in NetApp OnCommand Balance versions prior to 4.2P3. An attacker could exploit the vulnerabilit...

NetApp OnCommand Balance Privilege Control Vulnerability

NetApp OnCommand Balance is a NetApp solution that provides guidance on how to optimize the performance and capacity of virtual and physical data center infrastructures. A security vulnerability exists in NetApp OnCommand Balance prior to version 4.2P2 that stems from the inclusion of default...

CVE-2014-9354

NetApp OnCommand Balance before 4.2P3 allows local users to obtain sensitive information via unspecified vectors related to cleartext storage...

CVE-2014-9353

NetApp OnCommand Balance before 4.2P2 contains a "default privileged account," which allows remote attackers to gain privileges via unspecified vectors...

Design/Logic Flaw

NetApp OnCommand Balance before 4.2P2 contains a "default privileged account," which allows remote attackers to gain privileges via unspecified vectors...

Open redirect

NetApp OnCommand Balance before 4.2P3 allows local users to obtain sensitive information via unspecified vectors related to cleartext storage...

CVE-2014-9354

CVE-2014-9354 affects NetApp OnCommand Balance before 4.2P3. The vulnerability enables local users to obtain sensitive information due to cleartext storage. Affected product: NetApp OnCommand Balance; root cause: cleartext storage leading to information disclosure. Potential impact: exposure of s...

CVE-2014-9353

NetApp OnCommand Balance before 4.2P2 contains a "default privileged account," which allows remote attackers to gain privileges via unspecified vectors...

CVE-2014-9353

Affected product: NetApp OnCommand Balance. Vulnerability: presence of a default privileged account in Balance prior to version 4.2P2, enabling remote privilege elevation via unspecified vectors. Root cause: default privileged account included in the application. Impact: attacker could gain privi...

CVE-2014-9354

NetApp OnCommand Balance before 4.2P3 allows local users to obtain sensitive information via unspecified vectors related to cleartext storage...

Release Notes for Veeam Backup & Replication 8.0 Patch 1

More Recent Version Available Please find the latest version of Veeam Backup & Replication here: Veeam Downloads - Latest Version Challenge Release Notes for Veeam Backup & Replication 8.0 Update 1 Cause Please confirm you are running version 8.0.0.807, 8.0.0.817 or 8.0.0.831 prior to installing...

Veeam doesn't clean up temporary datastore in vSphere after restore from NetApp storage snapshot

Challenge After completing one of the restore options available for NetApp storage snapshot, you may notice that the temporary datastore under the name "snap--" is still mounted on the ESXi hosts with inactive status. See the screenshot below for an example: After a manual rescan of the storage...

Netapp API Settings

Binary data netappapisettings.nbin...

SEC Consult SA-20130507-0 :: Multiple vulnerabilities in NetApp OnCommand System Manager

SEC Consult Vulnerability Lab Security Advisory 20130507-0 ======================================================================= title: Multiple vulnerabilities product: NetApp OnCommand System Manager vulnerable version: = 2.1 and =2.0.2 fixed version: 2.2 only XSS fixed CVE: CVE-2013-3320 XSS...

NetApp OnCommand System Manager - zapiServlet CIFS Configuration Management Interface Multiple Cross-Site Scripting Vulnerabilities

NetApp OnCommand System Manager - zapiServlet CIFS Configuration Management Interface Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/59688/info NetApp OnCommand System Manager is prone to multiple cross-site scripting and HTML-injection vulnerabilities...

NetApp OnCommand System Manager - '/zapiServlet' CIFS Configuration Management Interface Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/59688/info NetApp OnCommand System Manager is prone to multiple cross-site scripting and HTML-injection vulnerabilities because it fails to properly sanitize user-supplied input. Successful exploits will allow attacker-supplied HTML and script code to run...

NetApp OnCommand System Manager - '/zapiServlet' User Management Interface Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/59688/info NetApp OnCommand System Manager is prone to multiple cross-site scripting and HTML-injection vulnerabilities because it fails to properly sanitize user-supplied input. Successful exploits will allow attacker-supplied HTML and script code to run...

NetApp OnCommand System Manager 2.1 / 2.0.2 XSS / File Inclusion / Command Execution

SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Multiple vulnerabilities product: NetApp OnCommand System Manager vulnerable version: = 2.1 and =2.0.2 fixed version: 2.2 only XSS fixed CVE: CVE-2013-3320 XSS...

NetApp OnCommand System Manager - zapiServlet User Management Interface Multiple Cross-Site Scripting Vulnerabilities

NetApp OnCommand System Manager - zapiServlet User Management Interface Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/59688/info NetApp OnCommand System Manager is prone to multiple cross-site scripting and HTML-injection vulnerabilities because it fails ...