Lucene search
K

241 matches found

NVD
NVD
added 2021/10/11 5:15 p.m.12 views

CVE-2021-27002

NetApp Cloud Manager versions prior to 3.9.10 are susceptible to a vulnerability which could allow a remote unauthenticated attacker to retrieve sensitive data via the web proxy...

7.5CVSS0.01347EPSS
Exploits0References1
OSV
OSV
added 2021/10/11 5:15 p.m.3 views

CVE-2021-27002

NetApp Cloud Manager versions prior to 3.9.10 are susceptible to a vulnerability which could allow a remote unauthenticated attacker to retrieve sensitive data via the web proxy...

7.5CVSS5.8AI score0.01347EPSS
Exploits0References1
Prion
Prion
added 2021/10/11 5:15 p.m.13 views

Code injection

NetApp Cloud Manager versions prior to 3.9.10 are susceptible to a vulnerability which could allow a remote unauthenticated attacker to retrieve sensitive data via the web proxy...

5CVSS7.5AI score0.01347EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2021/10/11 4:37 p.m.43 views

CVE-2021-27002

CVE-2021-27002 affects NetApp Cloud Manager prior to 3.9.10. Affected component: the web proxy/authorization flow. Root cause: improper validation in the proxy allows a remote unauthenticated attacker to retrieve sensitive data. Impact: exposure of sensitive data via the web proxy. Mitigation: up...

7.5CVSS7.5AI score0.01347EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2021/10/11 4:37 p.m.19 views

CVE-2021-27002

NetApp Cloud Manager versions prior to 3.9.10 are susceptible to a vulnerability which could allow a remote unauthenticated attacker to retrieve sensitive data via the web proxy...

7.7AI score0.01347EPSS
Exploits0References1
CNNVD
CNNVD
added 2021/10/11 12:0 a.m.6 views

Netapp NetApp Cloud Manager 授权问题漏洞

Netapp NetApp Cloud Manager is an application from Netapp, Inc. which provides centralized orchestration of hybrid cloud storage and data management services. An authorization issue vulnerability exists in NetApp Cloud Manager, which arises from the product not validating the identity of a user...

7.5CVSS7.4AI score0.01347EPSS
Exploits0References1
CNNVD
CNNVD
added 2021/09/17 12:0 a.m.5 views

Ericsson Ecm 跨站脚本漏洞

Ericsson Ecm is a cloud manager from Ericsson Sweden. A cross-site scripting vulnerability exists in Ericsson ECM versions prior to 18.0. The vulnerability stems from the lack of effective validation and escaping of the security management endpoints in the user profile management section of...

5.4CVSS5.4AI score0.00569EPSS
Exploits1References2
CNNVD
CNNVD
added 2021/09/17 12:0 a.m.7 views

Ericsson ECM 注入漏洞

Ericsson Ecm is a cloud manager from Ericsson Sweden. A security vulnerability exists in Ericsson ECM versions prior to 18.0 that stems from the fact that in Ericsson ECM prior to 18.0, the security provider endpoint in the user profile management section is vulnerable to CSV injection...

8CVSS7.7AI score0.0111EPSS
Exploits1References2
OSV
OSV
added 2021/08/06 3:15 p.m.5 views

CVE-2021-26999

NetApp Cloud Manager versions prior to 3.9.9 log sensitive information when an Active Directory connection fails. The logged information is available only to authenticated users. Customers with auto-upgrade enabled should already be on a fixed version while customers using on-prem connectors with...

4.3CVSS5.8AI score0.00646EPSS
Exploits0References1
OSV
OSV
added 2021/08/06 3:15 p.m.3 views

CVE-2021-26998

NetApp Cloud Manager versions prior to 3.9.9 log sensitive information that is available only to authenticated users. Customers with auto-upgrade enabled should already be on a fixed version while customers using on-prem connectors with auto-upgrade disabled are advised to upgrade to a fixed...

4.3CVSS5.8AI score0.00646EPSS
Exploits0References1
NVD
NVD
added 2021/08/06 3:15 p.m.17 views

CVE-2021-26998

NetApp Cloud Manager versions prior to 3.9.9 log sensitive information that is available only to authenticated users. Customers with auto-upgrade enabled should already be on a fixed version while customers using on-prem connectors with auto-upgrade disabled are advised to upgrade to a fixed...

4.3CVSS0.00646EPSS
Exploits0References1
NVD
NVD
added 2021/08/06 3:15 p.m.16 views

CVE-2021-26999

NetApp Cloud Manager versions prior to 3.9.9 log sensitive information when an Active Directory connection fails. The logged information is available only to authenticated users. Customers with auto-upgrade enabled should already be on a fixed version while customers using on-prem connectors with...

4.3CVSS0.00646EPSS
Exploits0References1
Prion
Prion
added 2021/08/06 3:15 p.m.21 views

Information disclosure

NetApp Cloud Manager versions prior to 3.9.9 log sensitive information that is available only to authenticated users. Customers with auto-upgrade enabled should already be on a fixed version while customers using on-prem connectors with auto-upgrade disabled are advised to upgrade to a fixed...

4CVSS4.4AI score0.00646EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2021/08/06 3:15 p.m.13 views

Design/Logic Flaw

NetApp Cloud Manager versions prior to 3.9.9 log sensitive information when an Active Directory connection fails. The logged information is available only to authenticated users. Customers with auto-upgrade enabled should already be on a fixed version while customers using on-prem connectors with...

4CVSS4.4AI score0.00646EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2021/08/06 2:20 p.m.86 views

CVE-2021-26999

CVE-2021-26999 affects NetApp Cloud Manager prior to 3.9.9, where failing an Active Directory connection causes sensitive information to be logged. The logs are available only to authenticated users. Auto-upgrade customers should already be on a fixed version, while users with on‑prem connectors ...

4.3CVSS4.3AI score0.00646EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2021/08/06 2:20 p.m.21 views

CVE-2021-26999

NetApp Cloud Manager versions prior to 3.9.9 log sensitive information when an Active Directory connection fails. The logged information is available only to authenticated users. Customers with auto-upgrade enabled should already be on a fixed version while customers using on-prem connectors with...

4.7AI score0.00646EPSS
Exploits0References1
Cvelist
Cvelist
added 2021/08/06 2:19 p.m.18 views

CVE-2021-26998

NetApp Cloud Manager versions prior to 3.9.9 log sensitive information that is available only to authenticated users. Customers with auto-upgrade enabled should already be on a fixed version while customers using on-prem connectors with auto-upgrade disabled are advised to upgrade to a fixed...

4.7AI score0.00646EPSS
Exploits0References1
CVE
CVE
added 2021/08/06 2:19 p.m.97 views

CVE-2021-26998

CVE-2021-26998 affects NetApp Cloud Manager prior to 3.9.9, where a flaw allows sensitive information in logs to be exposed to authenticated users. Public sources consistently identify the affected product and version range and confirm the impact as information disclosure. Remediation per the doc...

4.3CVSS4.3AI score0.00646EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2021/08/06 12:0 a.m.6 views

NetApp Cloud Manager 信息泄露漏洞

Netapp NetApp Cloud Manager is an application from Netapp, Inc. which provides centralized orchestration of hybrid cloud storage and data management services. An information disclosure vulnerability exists in NetApp Cloud Manager, which stems from a flaw in the configuration of the product. An...

4.3CVSS5.2AI score0.00646EPSS
Exploits0References2
CNNVD
CNNVD
added 2021/08/06 12:0 a.m.5 views

NetApp Cloud Manager 信息泄露漏洞

Netapp NetApp Cloud Manager is an application from Netapp, Inc. It provides centralized orchestration of hybrid cloud storage and data management services. A security vulnerability exists in NetApp Cloud Manager versions prior to 3.9.9 that originates from abnormal log file output from a networke...

4.3CVSS5.1AI score0.00646EPSS
Exploits0References2
Rows per page
Query Builder