Lucene search
K

138 matches found

Prion
Prion
added 2022/03/16 3:15 p.m.20 views

Design/Logic Flaw

SnapCenter versions prior to 4.5 are susceptible to a vulnerability which could allow a local authenticated attacker to discover plaintext HANA credentials...

2.1CVSS5.3AI score0.00162EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2022/03/16 2:12 p.m.157 views

CVE-2022-23234

Vulnerability exists in NetApp SnapCenter prior to 4.5. A local authenticated attacker could read plaintext HANA credentials from SnapCenter components. Affected product: SnapCenter (versions before 4.5). Root cause details are not fully disclosed in the provided documents beyond the credential d...

5.5CVSS5.2AI score0.00162EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2022/03/16 2:12 p.m.26 views

CVE-2022-23234

SnapCenter versions prior to 4.5 are susceptible to a vulnerability which could allow a local authenticated attacker to discover plaintext HANA credentials...

5.5AI score0.00162EPSS
Exploits0References1
Lenovo
Lenovo
added 2022/03/07 8:51 p.m.9 views

NetApp SnapCenter Information Disclosure Vulnerability - Lenovo Support US

No description provided...

5.5CVSS7AI score0.00162EPSS
Exploits0
CNVD
CNVD
added 2019/03/05 12:0 a.m.5 views

NetApp SnapCenter Server Cross-Site Scripting Vulnerability

NetApp SnapCenter is a suite of applications from NetApp, Inc. that provides the ability to back up, validate, clone, and restore NetApp storage systems.NetApp SnapCenter Server is one of the server components. A cross-site scripting vulnerability exists in NetApp SnapCenter Server versions prior...

4.8CVSS6.2AI score0.00676EPSS
Exploits0References1
Prion
Prion
added 2019/03/04 11:29 p.m.18 views

Design/Logic Flaw

NetApp SnapCenter Server prior to 4.1 does not set the secure flag for a sensitive cookie in an HTTPS session which can allow the transmission of the cookie in plain text over an unencrypted channel...

5CVSS5.2AI score0.00926EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2019/03/04 11:29 p.m.15 views

CVE-2018-5482

NetApp SnapCenter Server prior to 4.1 does not set the secure flag for a sensitive cookie in an HTTPS session which can allow the transmission of the cookie in plain text over an unencrypted channel...

5.3CVSS5.2AI score0.00926EPSS
Exploits0References2
OSV
OSV
added 2019/03/04 11:29 p.m.7 views

CVE-2018-5482

NetApp SnapCenter Server prior to 4.1 does not set the secure flag for a sensitive cookie in an HTTPS session which can allow the transmission of the cookie in plain text over an unencrypted channel...

5.3CVSS5.8AI score0.00926EPSS
Exploits0References2
Cvelist
Cvelist
added 2019/03/04 11:0 p.m.20 views

CVE-2018-5482

NetApp SnapCenter Server prior to 4.1 does not set the secure flag for a sensitive cookie in an HTTPS session which can allow the transmission of the cookie in plain text over an unencrypted channel...

5.3AI score0.00926EPSS
Exploits0References2
CVE
CVE
added 2019/03/04 11:0 p.m.63 views

CVE-2018-5482

NetApp SnapCenter Server prior to 4.1 is affected by a vulnerability where a sensitive cookie is not secured with the Secure flag in HTTPS sessions, potentially allowing the cookie to be transmitted in cleartext over an unencrypted channel. Root cause: missing Secure attribute on a sensitive cook...

5.3CVSS5.2AI score0.00926EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2019/03/04 10:29 p.m.17 views

CVE-2017-15515

NetApp SnapCenter Server prior to 4.0 is susceptible to cross site scripting vulnerability that could allow a privileged user to inject arbitrary scripts into the custom secondary policy label field...

4.8CVSS4.9AI score0.00676EPSS
Exploits0References2
Prion
Prion
added 2019/03/04 10:29 p.m.23 views

Cross site scripting

NetApp SnapCenter Server prior to 4.0 is susceptible to cross site scripting vulnerability that could allow a privileged user to inject arbitrary scripts into the custom secondary policy label field...

3.5CVSS4.8AI score0.00676EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2019/03/04 10:29 p.m.3 views

CVE-2017-15515

NetApp SnapCenter Server prior to 4.0 is susceptible to cross site scripting vulnerability that could allow a privileged user to inject arbitrary scripts into the custom secondary policy label field...

4.8CVSS5.3AI score0.00676EPSS
Exploits0References2
Cvelist
Cvelist
added 2019/03/04 10:0 p.m.24 views

CVE-2017-15515

NetApp SnapCenter Server prior to 4.0 is susceptible to cross site scripting vulnerability that could allow a privileged user to inject arbitrary scripts into the custom secondary policy label field...

4.9AI score0.00676EPSS
Exploits0References2
CVE
CVE
added 2019/03/04 10:0 p.m.52 views

CVE-2017-15515

NetApp SnapCenter Server prior to version 4.0 is affected by a cross-site scripting (XSS) vulnerability in the custom secondary policy label field. The issue is documented under CVE-2017-15515 and appears in multiple feeds (NVD, CVE List, CNVD). Impact stated in the sources: a privileged attacker...

4.8CVSS4.9AI score0.00676EPSS
Exploits0References2Affected Software1
CNVD
CNVD
added 2018/03/08 12:0 a.m.5 views

NetApp SnapCenter Information Disclosure Vulnerability

NetApp SnapCenter is a suite of applications from NetApp, Inc. that provide the ability to back up, validate, clone, and restore NetApp storage systems.NetApp SnapCenter Server is a server version... A security vulnerability exists in NetApp SnapCenter versions 2.0 through 3.0.1. A remote attacke...

7.2CVSS6.7AI score0.012EPSS
Exploits0References1
NVD
NVD
added 2018/03/06 8:29 p.m.19 views

CVE-2017-15519

Versions of SnapCenter 2.0 through 3.0.1 allow unauthenticated remote attackers to view and modify backup related data via the Plug-in for NAS File Services. All users are urged to move to version 3.0.1 and perform the mitigation steps or upgrade to 4.0 following the product documentation...

7.2CVSS7.1AI score0.012EPSS
Exploits0References1
OSV
OSV
added 2018/03/06 8:29 p.m.6 views

CVE-2017-15519

Versions of SnapCenter 2.0 through 3.0.1 allow unauthenticated remote attackers to view and modify backup related data via the Plug-in for NAS File Services. All users are urged to move to version 3.0.1 and perform the mitigation steps or upgrade to 4.0 following the product documentation...

7.2CVSS5.8AI score0.012EPSS
Exploits0References1
Prion
Prion
added 2018/03/06 8:29 p.m.21 views

Design/Logic Flaw

Versions of SnapCenter 2.0 through 3.0.1 allow unauthenticated remote attackers to view and modify backup related data via the Plug-in for NAS File Services. All users are urged to move to version 3.0.1 and perform the mitigation steps or upgrade to 4.0 following the product documentation...

6.4CVSS7.1AI score0.012EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2018/03/06 8:0 p.m.20 views

CVE-2017-15519

Versions of SnapCenter 2.0 through 3.0.1 allow unauthenticated remote attackers to view and modify backup related data via the Plug-in for NAS File Services. All users are urged to move to version 3.0.1 and perform the mitigation steps or upgrade to 4.0 following the product documentation...

7.2AI score0.012EPSS
Exploits0References1
Rows per page
Query Builder