CVE-2023-26454

Requests to fetch image metadata could be abused to include SQL queries that would be executed unchecked. Exploiting this vulnerability requires at least access to adjacent networks of the imageconverter service, which is not exposed to public networks by default. Arbitrary SQL statements could b...

CVE-2017-15518

CVE-2017-15518 affects NetApp OnCommand API Services (versions prior to 2.1) and NetApp Service Level Manager (prior to 1.0RC4). Root cause is that a privileged database user password is logged during operation; the vulnerability is mitigated by upgrading to the fixed versions. Documents indicate...

CVE-2017-15518

All versions of OnCommand API Services prior to 2.1 and NetApp Service Level Manager prior to 1.0RC4 log a privileged database user account password. All users are urged to move to a fixed version. Since the affected password is changed during every upgrade/installation no further action is...

CVE-2013-1170

The Cisco Prime Network Control System NCS appliance with software before 1.1.1.24 has a default password for the database user account, which makes it easier for remote attackers to change the configuration or cause a denial of service service disruption via unspecified vectors, aka Bug ID...