Vulnerabilities > Netapp > Oncommand Balance > Medium

DATE CVE VULNERABILITY TITLE RISK
2019-01-16 CVE-2017-3140 Resource Exhaustion vulnerability in multiple products
If named is configured to use Response Policy Zones (RPZ) an error processing some rule types can lead to a condition where BIND will endlessly loop while handling a query.
network
high complexity
isc netapp CWE-400
5.9
2019-01-16 CVE-2017-3138 Reachable Assertion vulnerability in multiple products
named contains a feature which allows operators to issue commands to a running server by communicating with the server process over a control channel, using a utility program such as rndc.
network
high complexity
isc netapp debian CWE-617
5.3
2019-01-16 CVE-2017-3136 Reachable Assertion vulnerability in multiple products
A query with a specific set of characteristics could cause a server using DNS64 to encounter an assertion failure and terminate.
network
high complexity
isc redhat netapp debian CWE-617
5.9
2017-12-01 CVE-2017-15707 Improper Input Validation vulnerability in multiple products
In Apache Struts 2.5 to 2.5.14, the REST Plugin is using an outdated JSON-lib library which is vulnerable and allow perform a DoS attack using malicious request with specially crafted JSON payload.
local
low complexity
apache netapp oracle CWE-20
6.2
2017-10-19 CVE-2017-10384 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL).
network
low complexity
oracle mariadb debian netapp redhat
6.5
2017-10-19 CVE-2017-10379 Incorrect Authorization vulnerability in multiple products
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client programs).
network
low complexity
oracle mariadb debian redhat netapp CWE-863
6.5
2017-10-19 CVE-2017-10378 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer).
network
low complexity
oracle mariadb debian redhat netapp
6.5
2017-10-19 CVE-2017-10357 Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Serialization).
network
low complexity
oracle redhat netapp debian
5.3
2017-10-19 CVE-2017-10356 Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Security).
local
low complexity
oracle redhat netapp debian
6.2
2017-10-19 CVE-2017-10355 Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Networking).
network
low complexity
oracle redhat netapp debian
5.3