Page 5 of 60 results (0.014 seconds)

CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0

NetApp OnCommand Unified Manager for Windows versions 7.2 through 7.3 are susceptible to a vulnerability which could lead to a privilege escalation attack. NetApp OnCommand Unified Manager for Windows, de la versión 7.2 a la 7.3, es susceptible a una vulnerabilidad que podría conducir a un ataque de escalado de privilegios. • https://security.netapp.com/advisory/ntap-20180523-0002 •

CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0

NetApp OnCommand Unified Manager for Linux versions 7.2 through 7.3 ship with the Java Management Extension Remote Method Invocation (JMX RMI) service bound to the network, and are susceptible to unauthenticated remote code execution. NetApp OnCommand Unified Manager for Linux, de la versión 7.2 hasta la 7.3, se distribuye con el servicio Java Management Extension Remote Method Invocation (JMX RMI) enlazado a la red y es susceptible a la ejecución remota de código sin autenticación. • https://security.netapp.com/advisory/ntap-20180523-0001 • CWE-20: Improper Input Validation •

CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0

NetApp OnCommand Unified Manager for Linux versions 7.2 though 7.3 ship with the Java Debug Wire Protocol (JDWP) enabled which allows unauthorized local attackers to execute arbitrary code. NetApp OnCommand Unified Manager for Linux, de la versión 7.2 a la 7.3, se distribuye con el protocolo Java Debug Wire Protocol (JDWP) habilitado, lo que permite que atacantes locales no autorizados ejecuten código arbitrario. • https://security.netapp.com/advisory/ntap-20180425-0001 • CWE-306: Missing Authentication for Critical Function •

CVSS: 8.3EPSS: 0%CPEs: 25EXPL: 0

Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Libraries). The supported version that is affected is Java SE: 10. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE. • http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html http://www.securityfocus.com/bid/103782 http://www.securitytracker.com/id/1040697 https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0 https://security.netapp.com/advisory/ntap-20180419-0001 https://usn.ubuntu.com/3747-1 •

CVSS: 8.3EPSS: 0%CPEs: 25EXPL: 0

Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Libraries). The supported version that is affected is Java SE: 10. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE. • http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html http://www.securityfocus.com/bid/103796 http://www.securitytracker.com/id/1040697 https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0 https://security.netapp.com/advisory/ntap-20180419-0001 https://usn.ubuntu.com/3747-1 •