Vulnerabilities > Netapp > Oncommand Balance > High

DATE CVE VULNERABILITY TITLE RISK
2017-11-13 CVE-2016-8610 Resource Exhaustion vulnerability in multiple products
A denial of service flaw was found in OpenSSL 0.9.8, 1.0.1, 1.0.2 through 1.0.2h, and 1.1.0 in the way the TLS/SSL protocol defined processing of ALERT packets during a connection handshake. 		7.5
7.5
2017-10-19 CVE-2017-10388 Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries).
network
high complexity
oracle redhat netapp debian
7.5
7.5
2017-10-04 CVE-2017-12617 Unrestricted Upload of File with Dangerous Type vulnerability in multiple products
When running Apache Tomcat versions 9.0.0.M1 to 9.0.0, 8.5.0 to 8.5.22, 8.0.0.RC1 to 8.0.46 and 7.0.0 to 7.0.81 with HTTP PUTs enabled (e.g.
network
high complexity
apache canonical oracle debian netapp redhat CWE-434
8.1
8.1
2017-09-19 CVE-2017-12615 Unrestricted Upload of File with Dangerous Type vulnerability in multiple products
When running Apache Tomcat 7.0.0 to 7.0.79 on Windows with HTTP PUTs enabled (e.g.
network
high complexity
apache netapp redhat CWE-434
8.1
8.1
2017-09-15 CVE-2017-9805 Deserialization of Untrusted Data vulnerability in multiple products
The REST Plugin in Apache Struts 2.1.1 through 2.3.x before 2.3.34 and 2.5.x before 2.5.13 uses an XStreamHandler with an instance of XStream for deserialization without any type filtering, which can lead to Remote Code Execution when deserializing XML payloads.
network
high complexity
apache cisco netapp CWE-502
8.1
8.1
2017-08-08 CVE-2017-10176 Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Security).
network
low complexity
oracle debian phoenixcontact netapp
7.5
7.5
2017-08-08 CVE-2017-10118 Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JCE).
network
low complexity
oracle debian phoenixcontact netapp
7.5
7.5
2017-08-08 CVE-2017-10116 Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Security).
network
high complexity
oracle phoenixcontact debian redhat netapp
8.3
8.3
2017-08-08 CVE-2017-10115 Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JCE).
network
low complexity
oracle debian phoenixcontact redhat netapp
7.5
7.5
2017-08-07 CVE-2015-7871 Improper Authentication vulnerability in multiple products
Crypto-NAK packets in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to bypass authentication.
network
low complexity
ntp debian netapp CWE-287
7.5
7.5