241 matches found
CVE-2021-27002
NetApp Cloud Manager versions prior to 3.9.10 are susceptible to a vulnerability which could allow a remote unauthenticated attacker to retrieve sensitive data via the web proxy...
CVE-2021-27002
NetApp Cloud Manager versions prior to 3.9.10 are susceptible to a vulnerability which could allow a remote unauthenticated attacker to retrieve sensitive data via the web proxy...
Code injection
NetApp Cloud Manager versions prior to 3.9.10 are susceptible to a vulnerability which could allow a remote unauthenticated attacker to retrieve sensitive data via the web proxy...
CVE-2021-27002
CVE-2021-27002 affects NetApp Cloud Manager prior to 3.9.10. Affected component: the web proxy/authorization flow. Root cause: improper validation in the proxy allows a remote unauthenticated attacker to retrieve sensitive data. Impact: exposure of sensitive data via the web proxy. Mitigation: up...
CVE-2021-27002
NetApp Cloud Manager versions prior to 3.9.10 are susceptible to a vulnerability which could allow a remote unauthenticated attacker to retrieve sensitive data via the web proxy...
Netapp NetApp Cloud Manager 授权问题漏洞
Netapp NetApp Cloud Manager is an application from Netapp, Inc. which provides centralized orchestration of hybrid cloud storage and data management services. An authorization issue vulnerability exists in NetApp Cloud Manager, which arises from the product not validating the identity of a user...
Ericsson Ecm 跨站脚本漏洞
Ericsson Ecm is a cloud manager from Ericsson Sweden. A cross-site scripting vulnerability exists in Ericsson ECM versions prior to 18.0. The vulnerability stems from the lack of effective validation and escaping of the security management endpoints in the user profile management section of...
Ericsson ECM 注入漏洞
Ericsson Ecm is a cloud manager from Ericsson Sweden. A security vulnerability exists in Ericsson ECM versions prior to 18.0 that stems from the fact that in Ericsson ECM prior to 18.0, the security provider endpoint in the user profile management section is vulnerable to CSV injection...
CVE-2021-26999
NetApp Cloud Manager versions prior to 3.9.9 log sensitive information when an Active Directory connection fails. The logged information is available only to authenticated users. Customers with auto-upgrade enabled should already be on a fixed version while customers using on-prem connectors with...
CVE-2021-26998
NetApp Cloud Manager versions prior to 3.9.9 log sensitive information that is available only to authenticated users. Customers with auto-upgrade enabled should already be on a fixed version while customers using on-prem connectors with auto-upgrade disabled are advised to upgrade to a fixed...
CVE-2021-26998
NetApp Cloud Manager versions prior to 3.9.9 log sensitive information that is available only to authenticated users. Customers with auto-upgrade enabled should already be on a fixed version while customers using on-prem connectors with auto-upgrade disabled are advised to upgrade to a fixed...
CVE-2021-26999
NetApp Cloud Manager versions prior to 3.9.9 log sensitive information when an Active Directory connection fails. The logged information is available only to authenticated users. Customers with auto-upgrade enabled should already be on a fixed version while customers using on-prem connectors with...
Information disclosure
NetApp Cloud Manager versions prior to 3.9.9 log sensitive information that is available only to authenticated users. Customers with auto-upgrade enabled should already be on a fixed version while customers using on-prem connectors with auto-upgrade disabled are advised to upgrade to a fixed...
Design/Logic Flaw
NetApp Cloud Manager versions prior to 3.9.9 log sensitive information when an Active Directory connection fails. The logged information is available only to authenticated users. Customers with auto-upgrade enabled should already be on a fixed version while customers using on-prem connectors with...
CVE-2021-26999
CVE-2021-26999 affects NetApp Cloud Manager prior to 3.9.9, where failing an Active Directory connection causes sensitive information to be logged. The logs are available only to authenticated users. Auto-upgrade customers should already be on a fixed version, while users with on‑prem connectors ...
CVE-2021-26999
NetApp Cloud Manager versions prior to 3.9.9 log sensitive information when an Active Directory connection fails. The logged information is available only to authenticated users. Customers with auto-upgrade enabled should already be on a fixed version while customers using on-prem connectors with...
CVE-2021-26998
NetApp Cloud Manager versions prior to 3.9.9 log sensitive information that is available only to authenticated users. Customers with auto-upgrade enabled should already be on a fixed version while customers using on-prem connectors with auto-upgrade disabled are advised to upgrade to a fixed...
CVE-2021-26998
CVE-2021-26998 affects NetApp Cloud Manager prior to 3.9.9, where a flaw allows sensitive information in logs to be exposed to authenticated users. Public sources consistently identify the affected product and version range and confirm the impact as information disclosure. Remediation per the doc...
NetApp Cloud Manager 信息泄露漏洞
Netapp NetApp Cloud Manager is an application from Netapp, Inc. which provides centralized orchestration of hybrid cloud storage and data management services. An information disclosure vulnerability exists in NetApp Cloud Manager, which stems from a flaw in the configuration of the product. An...
NetApp Cloud Manager 信息泄露漏洞
Netapp NetApp Cloud Manager is an application from Netapp, Inc. It provides centralized orchestration of hybrid cloud storage and data management services. A security vulnerability exists in NetApp Cloud Manager versions prior to 3.9.9 that originates from abnormal log file output from a networke...