15 matches found
EUVD-2020-26843
Malware in sbrugna...
EUVD-2021-8154
Malicious code in bioql PyPI...
CVE-2021-20740
Hitachi Virtual File Platform Versions prior to 5.5.3-09 and Versions prior to 6.4.3-09, and NEC Storage M Series NAS Gateway Nh4a/Nh8a versions prior to FOS 5.5.3-08NEC2.5.4a and Nh4b/Nh8b, Nh4c/Nh8c versions prior to FOS 6.4.3-08NEC3.4.2 allow remote authenticated attackers to execute arbitrary...
CVE-2020-5684
iSM client versions from V5.1 prior to V12.1 running on NEC Storage Manager or NEC Storage Manager Express does not verify a server certificate properly, which allows a man-in-the-middle attacker to eavesdrop on an encrypted communication or alter the communication via a crafted certificate...
Release Information for NEC Storage V Series Plug-In for Veeam Backup & Replication
This plug-in leverages the Veeam Universal Storage API, which enables storage OEMs to allow Veeam Backup & Replication integration to the arrays for backup and replication jobs. Requirements Before installing NEC V Series Plug-In v2.1.225, make sure that you are running Veeam Backup & Replication...
Release Information for NEC Storage M Series Plug-In for Veeam Backup & Replication
This plug-in leverages the Veeam Universal Storage API, which enables storage OEMs to allow Veeam Backup & Replication integration to the arrays for backup and replication jobs. Requirements Before installing NEC Storage M Series Plug-In v1.0.10, ensure that you are running Veeam Backup &...
CVE-2021-20740
Hitachi Virtual File Platform Versions prior to 5.5.3-09 and Versions prior to 6.4.3-09, and NEC Storage M Series NAS Gateway Nh4a/Nh8a versions prior to FOS 5.5.3-08NEC2.5.4a and Nh4b/Nh8b, Nh4c/Nh8c versions prior to FOS 6.4.3-08NEC3.4.2 allow remote authenticated attackers to execute arbitrary...
CVE-2021-20740
Hitachi Virtual File Platform Versions prior to 5.5.3-09 and Versions prior to 6.4.3-09, and NEC Storage M Series NAS Gateway Nh4a/Nh8a versions prior to FOS 5.5.3-08NEC2.5.4a and Nh4b/Nh8b, Nh4c/Nh8c versions prior to FOS 6.4.3-08NEC3.4.2 allow remote authenticated attackers to execute arbitrary...
Design/Logic Flaw
Hitachi Virtual File Platform Versions prior to 5.5.3-09 and Versions prior to 6.4.3-09, and NEC Storage M Series NAS Gateway Nh4a/Nh8a versions prior to FOS 5.5.3-08NEC2.5.4a and Nh4b/Nh8b, Nh4c/Nh8c versions prior to FOS 6.4.3-08NEC3.4.2 allow remote authenticated attackers to execute arbitrary...
CVE-2021-20740
Hitachi Virtual File Platform Versions prior to 5.5.3-09 and Versions prior to 6.4.3-09, and NEC Storage M Series NAS Gateway Nh4a/Nh8a versions prior to FOS 5.5.3-08NEC2.5.4a and Nh4b/Nh8b, Nh4c/Nh8c versions prior to FOS 6.4.3-08NEC3.4.2 allow remote authenticated attackers to execute arbitrary...
JVN#21298724: Hitachi Virtual File Platform vulnerable to OS command injection
Hitachi Virtual File Platform provided by Hitachi contains an OS command injection vulnerability CWE-78 due to a flaw in processing parameters of the HTTP requests. Impact A remote attacker who can log in to the product may execute an arbitrary OS command with root privilege. Solution Update the...
CVE-2020-5684
iSM client versions from V5.1 prior to V12.1 running on NEC Storage Manager or NEC Storage Manager Express does not verify a server certificate properly, which allows a man-in-the-middle attacker to eavesdrop on an encrypted communication or alter the communication via a crafted certificate...
CVE-2020-5684
CVE-2020-5684 affects NEC Storage Manager/Storage Manager Express: iSM client versions from 5.1 up to (but not including) 12.1 do not verify the server certificate, enabling MITM eavesdropping or modification via a crafted certificate. Remediation per JVN/Red Hat: update to iSM Client 12.1+ and N...
CVE-2020-5684
iSM client versions from V5.1 prior to V12.1 running on NEC Storage Manager or NEC Storage Manager Express does not verify a server certificate properly, which allows a man-in-the-middle attacker to eavesdrop on an encrypted communication or alter the communication via a crafted certificate...
JVN#10100024: Management software for NEC Storage disk array system vulnerable to improper server certificate verification
Management software for NEC Storage disk array system provided by NEC Corporation is vulnerable to improper server certificate verification CWE-295. Impact A man-in-the-middle attack may allow an attacker to eavesdrop on an encrypted communication or alter the communication. Solution Update the...