11 results (0.005 seconds)

CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0

Remote command execution due to improper input validation. The following products are affected: Acronis Cloud Manager (Windows) before build 6.2.23089.203. • https://security-advisory.acronis.com/advisories/SEC-5816 • CWE-20: Improper Input Validation •

CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0

Sensitive information disclosure due to improper input validation. The following products are affected: Acronis Cloud Manager (Windows) before build 6.2.23089.203. Sensitive information disclosure due to unauthenticated path traversal. The following products are affected: Acronis Cloud Manager (Windows) before build 6.2.23089.203. • https://security-advisory.acronis.com/advisories/SEC-5811 • CWE-20: Improper Input Validation CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •

CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0

Remote command execution due to improper input validation. The following products are affected: Acronis Cloud Manager (Windows) before build 6.2.23089.203. • https://security-advisory.acronis.com/advisories/SEC-5810 • CWE-20: Improper Input Validation •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0

NetApp Cloud Manager versions prior to 3.9.10 are susceptible to a vulnerability which could allow a remote unauthenticated attacker to retrieve sensitive data via the web proxy. NetApp Cloud Manager versiones anteriores a 3.9.10, son susceptibles de sufrir una vulnerabilidad que podría permitir a un atacante remoto no autenticado recuperar datos confidenciales por medio del proxy web • https://security.netapp.com/advisory/ntap-20211011-0001 •

CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0

NetApp Cloud Manager versions prior to 3.9.9 log sensitive information when an Active Directory connection fails. The logged information is available only to authenticated users. Customers with auto-upgrade enabled should already be on a fixed version while customers using on-prem connectors with auto-upgrade disabled are advised to upgrade to a fixed version. NetApp Cloud Manager versiones anteriores a 3.9.9, registran información confidencial cuando comete un fallo una conexión Active Directory. La información registrada sólo está disponible para usuarios autenticados. • https://security.netapp.com/advisory/NTAP-20210805-0012 • CWE-532: Insertion of Sensitive Information into Log File •