Vulnerabilities > CVE-2019-5495 - 7PK - Security Features vulnerability in Netapp Oncommand Unified Manager

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
HIGH
Integrity impact
NONE
Availability impact
NONE
network
low complexity
netapp
CWE-254

Summary

OnCommand Unified Manager for VMware vSphere, Linux and Windows prior to 9.5 shipped without certain HTTP Security headers configured which could allow an attacker to obtain sensitive information via unspecified vectors.

Common Weakness Enumeration (CWE)