Vulnerabilities > Netapp > Cloud Backup > Medium

DATE CVE VULNERABILITY TITLE RISK
2018-08-17 CVE-2018-15473 Race Condition vulnerability in multiple products
OpenSSH through 7.7 is prone to a user enumeration vulnerability due to not delaying bailout for an invalid authenticating user until after the packet containing the request has been fully parsed, related to auth2-gss.c, auth2-hostbased.c, and auth2-pubkey.c.
5.3
2018-07-18 CVE-2018-2973 Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: JSSE).
network
high complexity
oracle redhat netapp hp
5.9
2018-07-18 CVE-2018-2940 Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries).
network
low complexity
oracle hp redhat netapp
4.3
2018-01-18 CVE-2018-2581 Vulnerability in the Java SE component of Oracle Java SE (subcomponent: JavaFX).
network
low complexity
oracle redhat netapp
4.7
2017-10-26 CVE-2017-15906 Incorrect Permission Assignment for Critical Resource vulnerability in multiple products
The process_open function in sftp-server.c in OpenSSH before 7.6 does not properly prevent write operations in readonly mode, which allows attackers to create zero-length files.
network
low complexity
openbsd oracle debian netapp redhat CWE-732
5.3
2017-10-19 CVE-2017-10357 Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Serialization).
network
low complexity
oracle redhat netapp debian
5.3
2017-10-19 CVE-2017-10356 Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Security).
local
low complexity
oracle redhat netapp debian
6.2
2017-10-19 CVE-2017-10355 Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Networking).
network
low complexity
oracle redhat netapp debian
5.3
2017-10-19 CVE-2017-10350 Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: JAX-WS).
network
low complexity
oracle redhat netapp debian
5.3
2017-10-19 CVE-2017-10349 Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: JAXP).
network
low complexity
oracle redhat netapp debian
5.3