3 results (0.007 seconds)

CVSS: 4.8EPSS: 0%CPEs: 3EXPL: 0

Active IQ Unified Manager for VMware vSphere, Linux, and Microsoft Windows versions prior to 9.11P1 are susceptible to a vulnerability which allows administrative users to perform a Stored Cross-Site Scripting (XSS) attack. • https://security.netapp.com/advisory/ntap-20220901-0001 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 0

Active IQ Unified Manager for VMware vSphere, Linux, and Microsoft Windows versions prior to 9.11P1 are susceptible to a vulnerability which allows unauthorized users to update EMS Subscriptions via unspecified vectors. • https://security.netapp.com/advisory/ntap-20220901-0002 •

CVSS: 5.3EPSS: 0%CPEs: 6EXPL: 0

Active IQ Unified Manager for VMware vSphere, Linux, and Microsoft Windows versions prior to 9.10P1 are susceptible to a vulnerability which could allow an attacker to discover cluster, node and Active IQ Unified Manager specific information via AutoSupport telemetry data that is sent even when AutoSupport has been disabled. Active IQ Unified Manager para VMware vSphere, Linux y Microsoft Windows versiones anteriores a 9.10P1, son susceptibles de sufrir una vulnerabilidad que podría permitir a un atacante detectar información específica del clúster, del nodo y de Active IQ Unified Manager por medio de los datos de telemetría de AutoSupport que son enviados incluso cuando AutoSupport ha sido deshabilitado. • https://security.netapp.com/advisory/ntap-20220324-0001 •