Oncommand Unified Manager Security Vulnerabilities and Issues — Oncommand Unified Manager CVE List

Lucene search

NetappOncommand Unified Manager

5 matches found

CVE•added 2018/05/16 4:29 p.m.•766 views

CVE-2018-8014

The defaults settings for the CORS filter provided in Apache Tomcat 9.0.0.M1 to 9.0.8, 8.5.0 to 8.5.31, 8.0.0.RC1 to 8.0.52, 7.0.41 to 7.0.88 are insecure and enable 'supportsCredentials' for all origins. It is expected that users of the CORS filter will have configured it appropriately for their e...

9.8CVSS8.6AI score0.53868EPSS

CVE•added 2018/05/16 5:29 p.m.•329 views

CVE-2018-11212

An issue was discovered in libjpeg 9a and 9d. The alloc_sarray function in jmemmgr.c allows remote attackers to cause a denial of service (divide-by-zero error) via a crafted file.

6.5CVSS6.2AI score0.00426EPSS

CVE•added 2018/05/11 8:29 p.m.•221 views

CVE-2018-1258

Spring Framework version 5.0.5 when used in combination with any versions of Spring Security contains an authorization bypass when using method security. An unauthorized malicious user can gain unauthorized access to methods that should be restricted.

8.8CVSS9AI score0.00221EPSS

CVE•added 2018/05/24 2:29 p.m.•34 views

CVE-2018-5487

NetApp OnCommand Unified Manager for Linux versions 7.2 through 7.3 ship with the Java Management Extension Remote Method Invocation (JMX RMI) service bound to the network, and are susceptible to unauthenticated remote code execution.

9.8CVSS9.8AI score0.02486EPSS

CVE•added 2018/05/24 2:29 p.m.•31 views

CVE-2018-5485

NetApp OnCommand Unified Manager for Windows versions 7.2 through 7.3 are susceptible to a vulnerability which could lead to a privilege escalation attack.

7.8CVSS7.7AI score0.00168EPSS