8 results (0.002 seconds)

CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 0

SnapCenter versions 4.8 prior to 5.0 are susceptible to a vulnerability which could allow an authenticated SnapCenter Server user to modify system logging configuration settings Las versiones 4.8 de SnapCenter anteriores a la 5.0 son susceptibles a una vulnerabilidad que podría permitir a un usuario autenticado de SnapCenter Server modificar los ajustes de configuración de registro del sistema. • https://security.netapp.com/advisory/ntap-20240216-0001 • CWE-285: Improper Authorization •

CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0

SnapCenter versions 4.8 through 4.9 are susceptible to a vulnerability which may allow an authenticated SnapCenter Server user to become an admin user on a remote system where a SnapCenter plug-in has been installed. Las versiones 4.8 a 4.9 de SnapCenter son susceptibles a una vulnerabilidad que puede permitir que un usuario autenticado de SnapCenter Server se convierta en usuario administrador en un sistema remoto donde se ha instalado un complemento de SnapCenter. • https://security.netapp.com/advisory/NTAP-20231012-0001 https://security.netapp.com/advisory/ntap-20231012-0001 • CWE-269: Improper Privilege Management •

CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0

SnapCenter versions 3.x and 4.x prior to 4.9 are susceptible to a vulnerability which may allow an authenticated unprivileged user to gain access as an admin user. Las versiones 3.x y 4.x de SnapCenter anteriores a la 4.9 son susceptibles a una vulnerabilidad que puede permitir que un usuario autenticado sin privilegios obtenga acceso como usuario administrador. • https://security.netapp.com/advisory/ntap-20230713-0002 • CWE-250: Execution with Unnecessary Privileges •

CVSS: 9.8EPSS: 0%CPEs: 3EXPL: 0

SnapCenter versions 4.7 prior to 4.7P2 and 4.8 prior to 4.8P1 are susceptible to a vulnerability which could allow a remote unauthenticated attacker to gain access as an admin user. • https://security.netapp.com/advisory/ntap-20230511-0011 •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0

SnapCenter versions prior to 4.7 shipped without Content Security Policy (CSP) implemented which could allow certain types of attacks that otherwise would be prevented. SnapCenter versiones anteriores a 4.7, eran enviadas sin la política de seguridad de contenidos (CSP) implementada, lo que podía permitir determinados tipos de ataques que de otro modo serían prevenidos • https://security.netapp.com/advisory/NTAP-20220926-0001 •