EUVD-2019-15078

Malware in sbrugna...

CVE-2019-5503

OnCommand Workflow Automation versions prior to 5.0 shipped without certain HTTP Security headers configured which could allow an attacker to obtain sensitive information via unspecified vectors...

Security Bulletin: Vulnerabilities in OpenSSL affect Data ONTAP SMI-S Agent，OnCommand Workflow Automation ，OnCommand Unified Manager Core Package (5.x)，Open Systems SnapVault Agent (CVE-2014-3513, CVE-2014-3567, CVE-2014-3568)

Summary OpenSSL vulnerabilities were disclosed on October 15, 2014 by the OpenSSL Project. OpenSSL is used by Data ONTAP SMI-S Agent，OnCommand Workflow Automation ，OnCommand Unified Manager Core Package 5.x，Open Systems SnapVault Agent. These products have addressed the applicable CVEs...

Missing HTTP Security Headers in NetApp OnCommand Workflow Automation - US

Lenovo Security Advisory: LEN-29480 Potential Impact: Information Disclosure Severity: Medium Scope of Impact: Industry-wide CVE Identifier: CVE-2019-5503 Summary Description: NetApp reported that OnCommand Workflow Automation versions prior to 5.0 shipped without certain HTTP Security headers...

NetApp OnCommand Workflow Automation Information Disclosure Vulnerability

NetApp OnCommand Workflow Automation is a suite of storage process management software from American NetApp. The software provides storage configuration, storage cloning and other functions for the database or file system. An information disclosure vulnerability exists in NetApp OnCommand Workflo...

CVE-2019-5503

OnCommand Workflow Automation versions prior to 5.0 shipped without certain HTTP Security headers configured which could allow an attacker to obtain sensitive information via unspecified vectors...

CVE-2019-5503

OnCommand Workflow Automation versions prior to 5.0 shipped without certain HTTP Security headers configured which could allow an attacker to obtain sensitive information via unspecified vectors...

CVE-2019-5503

CVE-2019-5503 concerns NetApp OnCommand Workflow Automation. The affected product versions “prior to 5.0” allegedly shipped without certain HTTP security headers, potentially enabling information disclosure via unspecified vectors. The Red Hat/Lenovo entries confirm the same CVE description and r...

CVE-2016-1894

NetApp OnCommand Workflow Automation before 3.1P2 allows remote attackers to bypass authentication via unspecified vectors...

CVE-2016-1894

CVE-2016-1894 affects NetApp OnCommand Workflow Automation prior to version 3.1P2. The vulnerability is an authentication bypass that enables remote attackers to bypass authentication via unspecified vectors. The issue is documented across multiple sources (NVD entries and vendor/CNVD references)...

Code injection

The installer in NetApp OnCommand Workflow Automation before 2.2.1P1 and 3.x before 3.0P1 sets up the Java Debugging Wire Protocol JDWP service, which allows remote attackers to execute arbitrary code via unspecified vectors...

CVE-2015-3292

The installer in NetApp OnCommand Workflow Automation before 2.2.1P1 and 3.x before 3.0P1 sets up the Java Debugging Wire Protocol JDWP service, which allows remote attackers to execute arbitrary code via unspecified vectors...