Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Oncommand_api_services
(Netapp)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 19 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2017-07-25 | CVE-2017-8919 | NetApp OnCommand API Services before 1.2P3 logs the LDAP BIND password when a user attempts to log in using the REST API, which allows remote authenticated users to obtain sensitive password information via unspecified vectors. | Oncommand_api_services | 6.5 | ||
| 2018-02-23 | CVE-2017-15518 | All versions of OnCommand API Services prior to 2.1 and NetApp Service Level Manager prior to 1.0RC4 log a privileged database user account password. All users are urged to move to a fixed version. Since the affected password is changed during every upgrade/installation no further action is required. | Oncommand_api_services, Service_level_manager | 7.8 |