138 matches found
Design/Logic Flaw
SnapCenter versions prior to 4.5 are susceptible to a vulnerability which could allow a local authenticated attacker to discover plaintext HANA credentials...
CVE-2022-23234
Vulnerability exists in NetApp SnapCenter prior to 4.5. A local authenticated attacker could read plaintext HANA credentials from SnapCenter components. Affected product: SnapCenter (versions before 4.5). Root cause details are not fully disclosed in the provided documents beyond the credential d...
CVE-2022-23234
SnapCenter versions prior to 4.5 are susceptible to a vulnerability which could allow a local authenticated attacker to discover plaintext HANA credentials...
NetApp SnapCenter Information Disclosure Vulnerability - Lenovo Support US
No description provided...
NetApp SnapCenter Server Cross-Site Scripting Vulnerability
NetApp SnapCenter is a suite of applications from NetApp, Inc. that provides the ability to back up, validate, clone, and restore NetApp storage systems.NetApp SnapCenter Server is one of the server components. A cross-site scripting vulnerability exists in NetApp SnapCenter Server versions prior...
Design/Logic Flaw
NetApp SnapCenter Server prior to 4.1 does not set the secure flag for a sensitive cookie in an HTTPS session which can allow the transmission of the cookie in plain text over an unencrypted channel...
CVE-2018-5482
NetApp SnapCenter Server prior to 4.1 does not set the secure flag for a sensitive cookie in an HTTPS session which can allow the transmission of the cookie in plain text over an unencrypted channel...
CVE-2018-5482
NetApp SnapCenter Server prior to 4.1 does not set the secure flag for a sensitive cookie in an HTTPS session which can allow the transmission of the cookie in plain text over an unencrypted channel...
CVE-2018-5482
NetApp SnapCenter Server prior to 4.1 does not set the secure flag for a sensitive cookie in an HTTPS session which can allow the transmission of the cookie in plain text over an unencrypted channel...
CVE-2018-5482
NetApp SnapCenter Server prior to 4.1 is affected by a vulnerability where a sensitive cookie is not secured with the Secure flag in HTTPS sessions, potentially allowing the cookie to be transmitted in cleartext over an unencrypted channel. Root cause: missing Secure attribute on a sensitive cook...
CVE-2017-15515
NetApp SnapCenter Server prior to 4.0 is susceptible to cross site scripting vulnerability that could allow a privileged user to inject arbitrary scripts into the custom secondary policy label field...
Cross site scripting
NetApp SnapCenter Server prior to 4.0 is susceptible to cross site scripting vulnerability that could allow a privileged user to inject arbitrary scripts into the custom secondary policy label field...
CVE-2017-15515
NetApp SnapCenter Server prior to 4.0 is susceptible to cross site scripting vulnerability that could allow a privileged user to inject arbitrary scripts into the custom secondary policy label field...
CVE-2017-15515
NetApp SnapCenter Server prior to 4.0 is susceptible to cross site scripting vulnerability that could allow a privileged user to inject arbitrary scripts into the custom secondary policy label field...
CVE-2017-15515
NetApp SnapCenter Server prior to version 4.0 is affected by a cross-site scripting (XSS) vulnerability in the custom secondary policy label field. The issue is documented under CVE-2017-15515 and appears in multiple feeds (NVD, CVE List, CNVD). Impact stated in the sources: a privileged attacker...
NetApp SnapCenter Information Disclosure Vulnerability
NetApp SnapCenter is a suite of applications from NetApp, Inc. that provide the ability to back up, validate, clone, and restore NetApp storage systems.NetApp SnapCenter Server is a server version... A security vulnerability exists in NetApp SnapCenter versions 2.0 through 3.0.1. A remote attacke...
CVE-2017-15519
Versions of SnapCenter 2.0 through 3.0.1 allow unauthenticated remote attackers to view and modify backup related data via the Plug-in for NAS File Services. All users are urged to move to version 3.0.1 and perform the mitigation steps or upgrade to 4.0 following the product documentation...
CVE-2017-15519
Versions of SnapCenter 2.0 through 3.0.1 allow unauthenticated remote attackers to view and modify backup related data via the Plug-in for NAS File Services. All users are urged to move to version 3.0.1 and perform the mitigation steps or upgrade to 4.0 following the product documentation...
Design/Logic Flaw
Versions of SnapCenter 2.0 through 3.0.1 allow unauthenticated remote attackers to view and modify backup related data via the Plug-in for NAS File Services. All users are urged to move to version 3.0.1 and perform the mitigation steps or upgrade to 4.0 following the product documentation...
CVE-2017-15519
Versions of SnapCenter 2.0 through 3.0.1 allow unauthenticated remote attackers to view and modify backup related data via the Plug-in for NAS File Services. All users are urged to move to version 3.0.1 and perform the mitigation steps or upgrade to 4.0 following the product documentation...