Vulnerabilities > Netapp

DATE	CVE	VULNERABILITY TITLE	RISK
2017-10-19	CVE-2017-10285	Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: RMI). network low complexity oracle debian redhat netapp critical	9.6
2017-10-19	CVE-2017-10281	Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Serialization). network low complexity oracle debian redhat netapp	5.3
2017-10-19	CVE-2017-10274	Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Smart Card IO). network high complexity oracle debian redhat netapp	6.8
2017-10-19	CVE-2017-10268	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). local high complexity oracle debian redhat mariadb netapp	4.1
2017-10-16	CVE-2016-4461	Improper Input Validation vulnerability in multiple products Apache Struts 2.x before 2.3.29 allows remote attackers to execute arbitrary code via a "%{}" sequence in a tag attribute, aka forced double OGNL evaluation. network low complexity apache netapp CWE-20 critical	9.0
2017-10-04	CVE-2017-12617	Unrestricted Upload of File with Dangerous Type vulnerability in multiple products When running Apache Tomcat versions 9.0.0.M1 to 9.0.0, 8.5.0 to 8.5.22, 8.0.0.RC1 to 8.0.46 and 7.0.0 to 7.0.81 with HTTP PUTs enabled (e.g. network high complexity apache canonical oracle debian netapp redhat CWE-434	8.1
2017-09-19	CVE-2017-12615	Unrestricted Upload of File with Dangerous Type vulnerability in multiple products When running Apache Tomcat 7.0.0 to 7.0.79 on Windows with HTTP PUTs enabled (e.g. network high complexity apache netapp redhat CWE-434	8.1
2017-09-15	CVE-2017-9805	Deserialization of Untrusted Data vulnerability in multiple products The REST Plugin in Apache Struts 2.1.1 through 2.3.x before 2.3.34 and 2.5.x before 2.5.13 uses an XStreamHandler with an instance of XStream for deserialization without any type filtering, which can lead to Remote Code Execution when deserializing XML payloads. network high complexity apache cisco netapp CWE-502	8.1
2017-09-01	CVE-2017-14053	Information Exposure vulnerability in Netapp Oncommand Unified Manager FOR Clustered Data Ontap NetApp OnCommand Unified Manager for Clustered Data ONTAP before 7.2P1 does not set the secure flag for an unspecified cookie in an HTTPS session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an HTTP session. network low complexity netapp CWE-200	5.0
2017-09-01	CVE-2017-12423	Unspecified vulnerability in Netapp Clustered Data Ontap NetApp Clustered Data ONTAP 8.3.x before 8.3.2P12 allows remote authenticated users to read data on other Storage Virtual Machines (SVMs) via unspecified vectors. network low complexity netapp	4.0

Vulnerabilities > Netapp {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Netapp"}]}

Vulnerabilities > Netapp