Open redirect

NetApp OnCommand Balance before 4.2P3 allows local users to obtain sensitive information via unspecified vectors related to cleartext storage...

CVE-2014-9353

NetApp OnCommand Balance before 4.2P2 contains a "default privileged account," which allows remote attackers to gain privileges via unspecified vectors...

CVE-2014-9354

CVE-2014-9354 affects NetApp OnCommand Balance before 4.2P3. The vulnerability enables local users to obtain sensitive information due to cleartext storage. Affected product: NetApp OnCommand Balance; root cause: cleartext storage leading to information disclosure. Potential impact: exposure of s...

CVE-2014-9354

NetApp OnCommand Balance before 4.2P3 allows local users to obtain sensitive information via unspecified vectors related to cleartext storage...

CVE-2014-9353

Affected product: NetApp OnCommand Balance. Vulnerability: presence of a default privileged account in Balance prior to version 4.2P2, enabling remote privilege elevation via unspecified vectors. Root cause: default privileged account included in the application. Impact: attacker could gain privi...

SEC Consult SA-20130507-0 :: Multiple vulnerabilities in NetApp OnCommand System Manager

SEC Consult Vulnerability Lab Security Advisory 20130507-0 ======================================================================= title: Multiple vulnerabilities product: NetApp OnCommand System Manager vulnerable version: = 2.1 and =2.0.2 fixed version: 2.2 only XSS fixed CVE: CVE-2013-3320 XSS...

NetApp OnCommand System Manager - zapiServlet CIFS Configuration Management Interface Multiple Cross-Site Scripting Vulnerabilities

NetApp OnCommand System Manager - zapiServlet CIFS Configuration Management Interface Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/59688/info NetApp OnCommand System Manager is prone to multiple cross-site scripting and HTML-injection vulnerabilities...

NetApp OnCommand System Manager 2.1 / 2.0.2 XSS / File Inclusion / Command Execution

SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Multiple vulnerabilities product: NetApp OnCommand System Manager vulnerable version: = 2.1 and =2.0.2 fixed version: 2.2 only XSS fixed CVE: CVE-2013-3320 XSS...

NetApp OnCommand System Manager - '/zapiServlet' User Management Interface Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/59688/info NetApp OnCommand System Manager is prone to multiple cross-site scripting and HTML-injection vulnerabilities because it fails to properly sanitize user-supplied input. Successful exploits will allow attacker-supplied HTML and script code to run...

NetApp OnCommand System Manager - '/zapiServlet' CIFS Configuration Management Interface Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/59688/info NetApp OnCommand System Manager is prone to multiple cross-site scripting and HTML-injection vulnerabilities because it fails to properly sanitize user-supplied input. Successful exploits will allow attacker-supplied HTML and script code to run...

NetApp OnCommand System Manager - zapiServlet User Management Interface Multiple Cross-Site Scripting Vulnerabilities

NetApp OnCommand System Manager - zapiServlet User Management Interface Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/59688/info NetApp OnCommand System Manager is prone to multiple cross-site scripting and HTML-injection vulnerabilities because it fails ...