Santricity Cloud Connector

DATE	CVE	VULNERABILITY TITLE	RISK
2018-03-26	CVE-2018-1301	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products A specially crafted request could have crashed the Apache HTTP Server prior to version 2.4.30, due to an out of bound access after a size limit is reached by reading the HTTP header. network high complexity apache debian canonical netapp redhat CWE-119	5.9
2018-03-26	CVE-2018-1283	In Apache httpd 2.4.0 to 2.4.29, when mod_session is configured to forward its session data to CGI applications (SessionEnv on, not the default), a remote user may influence their content by using a "Session" header. network high complexity apache debian canonical netapp redhat	5.3
2018-03-26	CVE-2017-15715	Improper Input Validation vulnerability in multiple products In Apache httpd 2.4.0 to 2.4.29, the expression specified in <FilesMatch> could match '$' to a newline character in a malicious filename, rather than matching only the end of the filename. network high complexity apache debian canonical netapp redhat CWE-20	8.1
2018-03-26	CVE-2017-15710	Out-of-bounds Write vulnerability in multiple products In Apache httpd 2.0.23 to 2.0.65, 2.2.0 to 2.2.34, and 2.4.0 to 2.4.29, mod_authnz_ldap, if configured with AuthLDAPCharsetConfig, uses the Accept-Language header value to lookup the right charset encoding when verifying the user's credentials. network low complexity apache debian canonical netapp redhat CWE-787	7.5
2018-01-18	CVE-2018-2638	Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Deployment). network high complexity oracle redhat netapp	8.3
2018-01-18	CVE-2018-2627	Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Installer). local high complexity oracle redhat netapp	7.5
2018-01-18	CVE-2018-2581	Vulnerability in the Java SE component of Oracle Java SE (subcomponent: JavaFX). network low complexity oracle redhat netapp	4.7