Vulnerabilities > Netapp > Snapcenter

DATE CVE VULNERABILITY TITLE RISK
2018-06-26 CVE-2017-7657 HTTP Request Smuggling vulnerability in multiple products
In Eclipse Jetty, versions 9.2.x and older, 9.3.x (all configurations), and 9.4.x (non-default configuration with RFC2616 compliance enabled), transfer-encoding chunks are handled poorly.
network
low complexity
eclipse debian netapp hp oracle CWE-444
critical
9.8
2018-06-22 CVE-2018-12538 Session Fixation vulnerability in multiple products
In Eclipse Jetty versions 9.4.0 through 9.4.8, when using the optional Jetty provided FileSessionDataStore for persistent storage of HttpSession details, it is possible for a malicious user to access/hijack other HttpSessions and even delete unmatched HttpSessions present in the FileSystem's storage for the FileSessionDataStore.
network
low complexity
eclipse netapp CWE-384
8.8
2018-05-11 CVE-2018-1258 Incorrect Authorization vulnerability in multiple products
Spring Framework version 5.0.5 when used in combination with any versions of Spring Security contains an authorization bypass when using method security.
8.8
2018-04-19 CVE-2018-2846 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Performance Schema).
network
low complexity
oracle canonical netapp
4.9
2018-04-19 CVE-2018-2839 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML).
network
low complexity
oracle canonical netapp
4.9
2018-04-19 CVE-2018-2819 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB).
network
low complexity
oracle mariadb canonical debian redhat netapp
6.5
2018-04-19 CVE-2018-2818 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server : Security : Privileges).
network
low complexity
oracle canonical debian netapp
4.9
2018-04-19 CVE-2018-2817 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL).
network
low complexity
oracle canonical debian redhat mariadb netapp
6.5
2018-04-19 CVE-2018-2816 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer).
network
low complexity
oracle canonical netapp
4.9
2018-04-19 CVE-2018-2813 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL).
network
low complexity
oracle debian canonical redhat netapp mariadb
4.3