Vulnerabilities > Netapp > Oncommand Balance > Medium

DATE CVE VULNERABILITY TITLE RISK
2019-01-16 CVE-2017-3140 Resource Exhaustion vulnerability in multiple products
If named is configured to use Response Policy Zones (RPZ) an error processing some rule types can lead to a condition where BIND will endlessly loop while handling a query.
network
isc netapp CWE-400
4.3
2019-01-16 CVE-2017-3137 Reachable Assertion vulnerability in multiple products
Mistaken assumptions about the ordering of records in the answer section of a response containing CNAME or DNAME resource records could lead to a situation in which named would exit with an assertion failure when processing a response in which records occurred in an unusual order.
network
low complexity
isc redhat netapp debian CWE-617
5.0
2019-01-16 CVE-2017-3136 Reachable Assertion vulnerability in multiple products
A query with a specific set of characteristics could cause a server using DNS64 to encounter an assertion failure and terminate.
4.3
2017-12-01 CVE-2017-15707 Improper Input Validation vulnerability in multiple products
In Apache Struts 2.5 to 2.5.14, the REST Plugin is using an outdated JSON-lib library which is vulnerable and allow perform a DoS attack using malicious request with specially crafted JSON payload.
network
low complexity
apache netapp oracle CWE-20
5.0
2017-10-19 CVE-2017-10384 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL).
network
low complexity
oracle mariadb debian netapp redhat
4.0
2017-10-19 CVE-2017-10379 Incorrect Authorization vulnerability in multiple products
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client programs).
network
low complexity
oracle mariadb debian redhat netapp CWE-863
4.0
2017-10-19 CVE-2017-10378 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer).
network
low complexity
oracle mariadb debian redhat netapp
4.0
2017-10-19 CVE-2017-10365 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: InnoDB).
network
low complexity
oracle mariadb netapp
5.5
2017-10-19 CVE-2017-10357 Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Serialization).
network
low complexity
oracle redhat netapp debian
5.3
2017-10-19 CVE-2017-10356 Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Security).
local
low complexity
oracle redhat netapp debian
6.2