Vulnerabilities > Netapp > Oncommand API Services > 1.2
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-02-23 | CVE-2017-15518 | Information Exposure vulnerability in Netapp Oncommand API Services and Service Level Manager All versions of OnCommand API Services prior to 2.1 and NetApp Service Level Manager prior to 1.0RC4 log a privileged database user account password. | 2.1 |
| 2017-07-25 | CVE-2017-8919 | Unspecified vulnerability in Netapp Oncommand API Services 1.0/1.1/1.2 NetApp OnCommand API Services before 1.2P3 logs the LDAP BIND password when a user attempts to log in using the REST API, which allows remote authenticated users to obtain sensitive password information via unspecified vectors. | 4.0 |