26 matches found
EUVD-2016-6322
Malware in sbrugna...
EUVD-2016-8040
Malware in sbrugna...
EUVD-2016-6649
Malware in sbrugna...
Security Bulletin:TLS Protocol 64-bit Cipher Vulnerability in Multiple N series Products (CVE-2016-2183)
Summary Multiple N series products utilize the TLS protocol. Any system using the TLS protocol with 64-bit block ciphers that are used in long running connections are vulnerable to a birthday attack referred to as SWEET32. When exploited, the vulnerability may lead to the unauthorized disclosure ...
Security Bulletin: CVE-2015-4000 Diffie-Hellman Export Cipher Suite Vulnerabilities in Multiple N series Products
Summary A vulnerability known as Logjam may affect multiple N series products and the impact is under investigation. Versions 1.2 and earlier of the Transport Layer Security TLS protocol can allow man-in-the-middle MITM attackers to conduct downgrade attacks. Multiple N series Products has...
Vulnerability fixed in NetApp Active IQ Unified Manager and Snap Creator Framework
NetApp has fixed a vulnerability in JQuery as used in Active IQ Unified Manager and Snap Creator Framework, among others. The vulnerabilities allow an unauthenticated malicious person to to access sensitive data or manipulate data. NetApp has released updates to fix the vulnerabilities in Active ...
Vulnerability fixed in NetApp
Netapp Snap Creator Framework includes Apache Tomcat. Apache Tomcat versions 8.5.1 through 8.5.59, 9.0.0.M5 through 9.0.39, and 10.0.0-M1 through 10.0.0-M9 are susceptible to a vulnerability that, when successfully exploited, can lead to the disclosure of sensitive information. Netapp has release...
CVE-2016-5710
NetApp Snap Creator Framework before 4.3P1 allows remote authenticated users to conduct clickjacking attacks via unspecified vectors...
CVE-2016-5710
NetApp Snap Creator Framework before 4.3P1 allows remote authenticated users to conduct clickjacking attacks via unspecified vectors...
Code injection
NetApp Snap Creator Framework before 4.3P1 allows remote authenticated users to conduct clickjacking attacks via unspecified vectors...
CVE-2016-5710
NetApp Snap Creator Framework before 4.3P1 allows remote authenticated users to conduct clickjacking attacks via unspecified vectors...
CVE-2016-5710
The CVE-2016-5710 entry affects NetApp Snap Creator Framework prior to 4.3P1. It describes a clickjacking vulnerability that can be triggered by remote authenticated users via unspecified vectors. Exploitation details are not provided in the supplied documents. The issue appears resolved by upgra...
Security Bulletin: Apache Commons Collection Java Deserialization Vulnerability in Multiple N series Products
Summary Multiple N series products incorporate the Apache Commons Collection library. Versions of Apache Commons Collection before 3.2.2 and including 4.0 are susceptible to a vulnerability that could be exploited to allow remote attackers to execute arbitrary commands on the system. Multiple N...
CVE-2016-5372
Cross-site request forgery CSRF vulnerability in NetApp Snap Creator Framework before 4.3.0P1 allows remote attackers to hijack the authentication of users for requests that have unspecified impact via unknown vectors...
CVE-2016-5372
Cross-site request forgery CSRF vulnerability in NetApp Snap Creator Framework before 4.3.0P1 allows remote attackers to hijack the authentication of users for requests that have unspecified impact via unknown vectors...
Cross site request forgery (csrf)
Cross-site request forgery CSRF vulnerability in NetApp Snap Creator Framework before 4.3.0P1 allows remote attackers to hijack the authentication of users for requests that have unspecified impact via unknown vectors...
CVE-2016-5372
NetApp Snap Creator Framework CVE-2016-5372 is a CSRF vulnerability affecting versions prior to 4.3.0P1. A remote attacker could hijack user authentication and, per CNVD details, perform unauthorized operations and gain privileges for affected applications via unknown vectors. Mitigation: upgrade...
CVE-2016-5372
Cross-site request forgery CSRF vulnerability in NetApp Snap Creator Framework before 4.3.0P1 allows remote attackers to hijack the authentication of users for requests that have unspecified impact via unknown vectors...
NetApp Snap Creator Framework Information Disclosure Vulnerability
NetApp Snap Creator Framework is the United States NetApp company's set of integrated NetApp functionality plug-ins and popular third-party applications framework. An information disclosure vulnerability exists in versions of NetApp Snap Creator Framework prior to 4.3.1. An attacker could exploit...
CVE-2016-7172
NetApp Snap Creator Framework before 4.3.1 discloses sensitive information which could be viewed by an unauthorized user...