Oncommand Unified Manager@* Security Vulnerabilities and Issues — Page 3 of Oncommand Unified Manager@* CVE List

Lucene search

NetappOncommand Unified Manager*

124 matches found

CVE•added 2018/04/19 2:29 a.m.•123 views

CVE-2018-2818

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server : Security : Privileges). Supported versions that are affected are 5.5.59 and prior, 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via mult...

4.9CVSS5AI score0.00762EPSS

CVE•added 2017/08/08 3:29 p.m.•118 views

CVE-2017-10105

Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Deployment). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successfu...

4.3CVSS4.4AI score0.00393EPSS

CVE•added 2017/08/08 3:29 p.m.•117 views

CVE-2017-10111

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). The supported version that is affected is Java SE: 8u131; Java SE Embedded: 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to com...

9.6CVSS9AI score0.0126EPSS

CVE•added 2017/08/08 3:29 p.m.•117 views

CVE-2017-10114

Vulnerability in the Java SE component of Oracle Java SE (subcomponent: JavaFX). Supported versions that are affected are Java SE: 7u141 and 8u131. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks...

8.3CVSS8.5AI score0.01714EPSS

CVE•added 2018/04/19 2:29 a.m.•117 views

CVE-2018-2826

Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Libraries). The supported version that is affected is Java SE: 10. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require ...

8.3CVSS8AI score0.02916EPSS

CVE•added 2017/08/08 3:29 p.m.•107 views

CVE-2017-10125

Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Deployment). Supported versions that are affected are Java SE: 7u141 and 8u131. Difficult to exploit vulnerability allows physical access to compromise Java SE. While the vulnerability is in Java SE, attacks may significantly i...

7.1CVSS7.6AI score0.00274EPSS

CVE•added 2018/04/19 2:29 a.m.•105 views

CVE-2018-2846

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Performance Schema). Supported versions that are affected are 5.7.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. ...

4.9CVSS5AI score0.0038EPSS

CVE•added 2017/08/08 3:29 p.m.•104 views

CVE-2017-10086

Vulnerability in the Java SE component of Oracle Java SE (subcomponent: JavaFX). Supported versions that are affected are Java SE: 7u141 and 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks r...

9.6CVSS9AI score0.0126EPSS

CVE•added 2018/04/19 2:29 a.m.•99 views

CVE-2018-2825

8.3CVSS8AI score0.01133EPSS

CVE•added 2018/04/19 2:29 a.m.•97 views

CVE-2018-2839

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.7.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful atta...

4.9CVSS5AI score0.0038EPSS

CVE•added 2017/10/19 5:29 p.m.•92 views

CVE-2017-10365

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: InnoDB). Supported versions that are affected are 5.7.18 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...

5.5CVSS3.3AI score0.00349EPSS

CVE•added 2018/04/19 2:29 a.m.•88 views

CVE-2018-2812

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.7.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successfu...

5.5CVSS5.3AI score0.00401EPSS

CVE•added 2018/04/19 2:29 a.m.•85 views

CVE-2018-2816

4.9CVSS5AI score0.0038EPSS

CVE•added 2017/10/19 5:29 p.m.•82 views

CVE-2017-10286

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: InnoDB). Supported versions that are affected are 5.6.37 and earlier and 5.7.19 and earlier. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise...

4.4CVSS4.3AI score0.0018EPSS

CVE•added 2017/10/19 5:29 p.m.•73 views

CVE-2017-10320

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: InnoDB). Supported versions that are affected are 5.7.19 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...

4.9CVSS4.7AI score0.0033EPSS

CVE•added 2019/05/10 8:29 p.m.•67 views

CVE-2019-5495

OnCommand Unified Manager for VMware vSphere, Linux and Windows prior to 9.5 shipped without certain HTTP Security headers configured which could allow an attacker to obtain sensitive information via unspecified vectors.

7.5CVSS7.2AI score0.00291EPSS

CVE•added 2019/01/07 3:0 p.m.•61 views

CVE-2018-5481

OnCommand Unified Manager for 7-Mode (core package) prior to 5.2.4 uses cookies that lack the secure attribute in certain circumstances making it vulnerable to impersonation via man-in-the-middle (MITM) attacks.

7.4CVSS7.3AI score0.00124EPSS

CVE•added 2019/05/10 7:29 p.m.•57 views

CVE-2019-5494

OnCommand Unified Manager 7-Mode prior to version 5.2.4 shipped without certain HTTP Security headers configured which could allow an attacker to obtain sensitive information via unspecified vectors.

7.5CVSS7.1AI score0.00205EPSS

CVE•added 2017/11/10 2:29 a.m.•55 views

CVE-2017-11461

NetApp OnCommand Unified Manager for 7-mode (core package) versions prior to 5.2.1 are susceptible to a clickjacking or "UI redress attack" which could be used to cause a user to perform an unintended action in the user interface.

4.3CVSS4.6AI score0.00245EPSS

CVE•added 2018/04/25 9:29 p.m.•38 views

CVE-2018-5486

NetApp OnCommand Unified Manager for Linux versions 7.2 though 7.3 ship with the Java Debug Wire Protocol (JDWP) enabled which allows unauthorized local attackers to execute arbitrary code.

7.8CVSS7.8AI score0.00107EPSS

CVE•added 2018/06/22 3:29 p.m.•37 views

CVE-2017-7568

NetApp OnCommand Unified Manager for 7-Mode (core package) versions prior to 5.2.3 may disclose sensitive LDAP account information to authenticated users when the LDAP authentication configuration is tested via the user interface.

5.3CVSS5.1AI score0.01448EPSS

CVE•added 2018/05/24 2:29 p.m.•34 views

CVE-2018-5487

NetApp OnCommand Unified Manager for Linux versions 7.2 through 7.3 ship with the Java Management Extension Remote Method Invocation (JMX RMI) service bound to the network, and are susceptible to unauthenticated remote code execution.

9.8CVSS9.8AI score0.02486EPSS

CVE•added 2021/01/28 9:15 p.m.•32 views

CVE-2020-8585

OnCommand Unified Manager Core Package versions prior to 5.2.5 may disclose sensitive account information to unauthorized users via the use of PuTTY Link (plink).

5.5CVSS5.3AI score0.00139EPSS

CVE•added 2018/05/24 2:29 p.m.•31 views

CVE-2018-5485

NetApp OnCommand Unified Manager for Windows versions 7.2 through 7.3 are susceptible to a vulnerability which could lead to a privilege escalation attack.

7.8CVSS7.7AI score0.00168EPSS

Total number of security vulnerabilities124