Vulnerabilities > Netapp > Active IQ Unified Manager > 9.11p1

DATE CVE VULNERABILITY TITLE RISK
2020-03-02 CVE-2020-9547 Deserialization of Untrusted Data vulnerability in multiple products
FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to com.ibatis.sqlmap.engine.transaction.jta.JtaTransactionConfig (aka ibatis-sqlmap).
network
low complexity
fasterxml netapp debian oracle CWE-502
critical
 9.8
9.8
2020-03-02 CVE-2020-9546 Deserialization of Untrusted Data vulnerability in multiple products
FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.hadoop.shaded.com.zaxxer.hikari.HikariConfig (aka shaded hikari-config).
network
low complexity
fasterxml netapp debian oracle CWE-502
critical
 9.8
9.8
2020-01-15 CVE-2020-2659 Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Networking).
network
high complexity
oracle debian canonical netapp opensuse redhat
3.7
3.7
2020-01-15 CVE-2020-2654 Vulnerability in the Java SE product of Oracle Java SE (component: Libraries).
network
high complexity
oracle redhat debian canonical netapp mcafee opensuse
3.7
3.7
2020-01-15 CVE-2020-2604 Deserialization of Untrusted Data vulnerability in multiple products
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Serialization). 		8.1
8.1
2020-01-15 CVE-2020-2601 Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Security).
network
high complexity
oracle debian canonical opensuse netapp redhat
6.8
6.8
2020-01-15 CVE-2020-2593 Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Networking).
network
high complexity
oracle redhat debian canonical opensuse mcafee netapp
4.8
4.8
2020-01-15 CVE-2020-2590 Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Security).
network
high complexity
oracle redhat debian canonical opensuse mcafee netapp
3.7
3.7
2020-01-15 CVE-2020-2583 Improper Handling of Exceptional Conditions vulnerability in multiple products
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Serialization). 		3.7
3.7
2020-01-03 CVE-2019-20330 Deserialization of Untrusted Data vulnerability in multiple products
FasterXML jackson-databind 2.x before 2.9.10.2 lacks certain net.sf.ehcache blocking.
network
low complexity
fasterxml oracle debian netapp CWE-502
critical
 9.8
9.8