NetApp Vasa Provider 6.0 for Clustered Data Ontap

CPE Details

NetApp Vasa Provider 6.0 for Clustered Data Ontap
netapp
vasa_provider
6.0
2022-05-27
11h30 +00:00
2022-09-12
15h47 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:netapp:vasa_provider:6.0:*:*:*:*:clustered_data_ontap:*:*

Informations

Vendor

netapp

Product

vasa_provider

Version

6.0

Target Software

clustered_data_ontap

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2016-6904 2017-12-11 15h00 +00:00 Versions of VASA Provider for Clustered Data ONTAP prior to 7.0P1 contain a web server that accepts plain text authentication. This could allow an unauthenticated attacker to obtain authentication credentials.
8.1
High
CVE-2017-10053 2017-08-08 13h00 +00:00 Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: 2D). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).
5.3
Medium