Vulnerabilities > Netapp > Oncommand API Services > Medium

DATE CVE VULNERABILITY TITLE RISK
2021-03-30 CVE-2021-21409 HTTP Request Smuggling vulnerability in multiple products
Netty is an open-source, asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients.
network
high complexity
netty debian netapp oracle quarkus CWE-444
5.9
5.9
2021-03-09 CVE-2021-21295 HTTP Request Smuggling vulnerability in multiple products
Netty is an open-source, asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients.
network
high complexity
netty netapp debian quarkus apache oracle CWE-444
5.9
5.9
2017-07-25 CVE-2017-8919 Unspecified vulnerability in Netapp Oncommand API Services 1.0/1.1/1.2
NetApp OnCommand API Services before 1.2P3 logs the LDAP BIND password when a user attempts to log in using the REST API, which allows remote authenticated users to obtain sensitive password information via unspecified vectors.
network
low complexity
netapp
4.0
4.0