Vulnerabilities > Netapp > Oncommand Unified Manager > Medium

DATE CVE VULNERABILITY TITLE RISK
2019-01-16 CVE-2019-2420 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer).
network
low complexity
oracle canonical netapp redhat
4.9
2019-01-07 CVE-2018-5481 Missing Encryption of Sensitive Data vulnerability in Netapp Oncommand Unified Manager
OnCommand Unified Manager for 7-Mode (core package) prior to 5.2.4 uses cookies that lack the secure attribute in certain circumstances making it vulnerable to impersonation via man-in-the-middle (MITM) attacks.
network
netapp CWE-311
5.8
2018-10-30 CVE-2018-0734 Use of a Broken or Risky Cryptographic Algorithm vulnerability in multiple products
The OpenSSL DSA signature algorithm has been shown to be vulnerable to a timing side channel attack.
network
high complexity
openssl canonical debian nodejs netapp oracle CWE-327
5.9
2018-10-29 CVE-2018-0735 Use of a Broken or Risky Cryptographic Algorithm vulnerability in multiple products
The OpenSSL ECDSA signature algorithm has been shown to be vulnerable to a timing side channel attack.
network
high complexity
openssl canonical debian nodejs netapp oracle CWE-327
5.9
2018-10-17 CVE-2018-10933 Improper Authentication vulnerability in multiple products
A vulnerability was found in libssh's server-side state machine before versions 0.7.6 and 0.8.4.
network
low complexity
libssh canonical debian redhat netapp oracle CWE-287
6.4
2018-10-17 CVE-2018-3286 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges).
network
low complexity
oracle netapp
4.3
2018-10-17 CVE-2018-3285 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Windows).
network
low complexity
oracle netapp
4.9
2018-10-17 CVE-2018-3280 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: JSON).
network
low complexity
oracle netapp
4.9
2018-10-17 CVE-2018-3279 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Roles).
network
low complexity
oracle netapp
4.9
2018-10-17 CVE-2018-3278 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: RBR).
network
low complexity
oracle netapp microsoft canonical
4.0