NetApp OnCommand System Manager 2.1

CPE Details

NetApp OnCommand System Manager 2.1
netapp
oncommand_system_manager
2.1
2020-02-03
14h28 +00:00
2020-02-03
14h28 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:netapp:oncommand_system_manager:2.1:*:*:*:*:*:*:*

Informations

Vendor

netapp

Product

oncommand_system_manager

Version

2.1

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2013-3322 2020-01-31 12h40 +00:00 NetApp OnCommand System Manager 2.1 and earlier allows remote attackers to inject arbitrary commands in the Halt/Reboot interface.
7.2
High
CVE-2013-3321 2020-01-29 20h40 +00:00 NetApp OnCommand System Manager 2.1 and earlier allows remote attackers to include arbitrary files through specially crafted requests to the "diagnostic" page using the SnapMirror log path parameter.
7.5
High
CVE-2013-3320 2020-01-29 20h34 +00:00 Cross-site Scripting (XSS) vulnerability in NetApp OnCommand System Manager before 2.2 allows remote attackers to inject arbitrary web script or HTML via the 'full-name' and 'comment' fields.
6.1
Medium
CVE-2016-3063 2017-02-07 16h00 +00:00 Multiple functions in NetApp OnCommand System Manager before 8.3.2 do not properly escape special characters, which allows remote authenticated users to execute arbitrary API calls via unspecified vectors.
7.5
High
The information presented on CVE Find originates from several carefully selected reference sources. CVE data is provided by MITRE Corporation and the National Vulnerability Database (NVD). The Known Exploited Vulnerabilities (KEV) catalog is sourced from the Cybersecurity and Infrastructure Security Agency (CISA), while EPSS scores come from FIRST.org. Additionally, data regarding software weaknesses (CWE) and common attack patterns (CAPEC) is maintained by MITRE Corporation, and information on hardware and software configurations (CPE) is provided by the NVD.