251 matches found
CVE-2019-5496
Oncommand Insight versions prior to 7.3.5 shipped without certain HTTP Security headers configured which could allow an attacker to obtain sensitive information via unspecified vectors...
CVE-2019-5496
Oncommand Insight versions prior to 7.3.5 shipped without certain HTTP Security headers configured which could allow an attacker to obtain sensitive information via unspecified vectors...
CVE-2019-5495
OnCommand Unified Manager for VMware vSphere, Linux and Windows prior to 9.5 shipped without certain HTTP Security headers configured which could allow an attacker to obtain sensitive information via unspecified vectors...
Design/Logic Flaw
OnCommand Unified Manager for VMware vSphere, Linux and Windows prior to 9.5 shipped without certain HTTP Security headers configured which could allow an attacker to obtain sensitive information via unspecified vectors...
CVE-2019-5495
OnCommand Unified Manager for VMware vSphere, Linux and Windows prior to 9.5 shipped without certain HTTP Security headers configured which could allow an attacker to obtain sensitive information via unspecified vectors...
CVE-2019-5494
OnCommand Unified Manager 7-Mode prior to version 5.2.4 shipped without certain HTTP Security headers configured which could allow an attacker to obtain sensitive information via unspecified vectors...
CVE-2019-5494
OnCommand Unified Manager 7-Mode prior to version 5.2.4 shipped without certain HTTP Security headers configured which could allow an attacker to obtain sensitive information via unspecified vectors...
Design/Logic Flaw
OnCommand Unified Manager 7-Mode prior to version 5.2.4 shipped without certain HTTP Security headers configured which could allow an attacker to obtain sensitive information via unspecified vectors...
CVE-2019-5496
Oncommand Insight versions prior to 7.3.5 are affected by CVE-2019-5496 due to missing HTTP security headers, which could allow an attacker to obtain sensitive information via unspecified vectors. The connected NVD entry lists CVSS scores (2.0/3.0) indicating network access with no authentication...
CVE-2019-5496
Oncommand Insight versions prior to 7.3.5 shipped without certain HTTP Security headers configured which could allow an attacker to obtain sensitive information via unspecified vectors...
CVE-2019-5495
OnCommand Unified Manager for VMware vSphere, Linux and Windows prior to 9.5 shipped without certain HTTP Security headers configured which could allow an attacker to obtain sensitive information via unspecified vectors...
CVE-2019-5495
CVE-2019-5495 affects OnCommand Unified Manager for VMware vSphere, Linux and Windows prior to 9.5. The issue is described as missing HTTP security headers, which could allow an attacker to obtain sensitive information via unspecified vectors. The NVD metrics indicate a 5.0 (Medium) base score, C...
CVE-2019-5494
The CVE-2019-5494 entry concerns OnCommand Unified Manager 7-Mode prior to version 5.2.4 that shipped without certain HTTP Security headers. The underlying issue is missing HTTP response security headers, enabling potential information disclosure through unspecified vectors. Affected product: Cis...
CVE-2019-5494
OnCommand Unified Manager 7-Mode prior to version 5.2.4 shipped without certain HTTP Security headers configured which could allow an attacker to obtain sensitive information via unspecified vectors...
CVE-2018-5481
CVE-2018-5481 affects OnCommand Unified Manager for 7-Mode (core package) prior to version 5.2.4, where cookies are set without the secure attribute in certain circumstances. This can enable impersonation via MITM attacks on network-accessible sessions. The vulnerability arises from cookie securi...
CVE-2018-5481
OnCommand Unified Manager for 7-Mode core package prior to 5.2.4 uses cookies that lack the secure attribute in certain circumstances making it vulnerable to impersonation via man-in-the-middle MITM attacks...
CVE-2018-5481
OnCommand Unified Manager for 7-Mode core package prior to 5.2.4 uses cookies that lack the secure attribute in certain circumstances making it vulnerable to impersonation via man-in-the-middle MITM attacks...
Design/Logic Flaw
OnCommand Unified Manager for 7-Mode core package prior to 5.2.4 uses cookies that lack the secure attribute in certain circumstances making it vulnerable to impersonation via man-in-the-middle MITM attacks...
CVE-2018-5481
OnCommand Unified Manager for 7-Mode core package prior to 5.2.4 uses cookies that lack the secure attribute in certain circumstances making it vulnerable to impersonation via man-in-the-middle MITM attacks...
Design/Logic Flaw
NetApp OnCommand Insight version 7.3.0 and versions prior to 7.2.0 are susceptible to clickjacking attacks which could cause a user to perform an unintended action in the user interface...