Product:

Oncommand_workflow_automation

(Netapp)
Repositories https://github.com/bcgit/bc-java
https://github.com/madler/zlib
https://github.com/FasterXML/jackson-databind
https://github.com/dom4j/dom4j
#Vulnerabilities 693
Date Id Summary Products Score Patch Annotated
2018-07-18 CVE-2018-3054 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.7.22 and prior and 8.0.11 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9... Ubuntu_linux, Oncommand_insight, Oncommand_workflow_automation, Snapcenter, Storage_automation_store, Mysql 4.9
2018-04-19 CVE-2018-2846 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Performance Schema). Supported versions that are affected are 5.7.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability... Ubuntu_linux, Oncommand_insight, Oncommand_unified_manager, Oncommand_workflow_automation, Snapcenter, Storage_automation_store, Mysql 4.9
2017-02-07 CVE-2016-1894 NetApp OnCommand Workflow Automation before 3.1P2 allows remote attackers to bypass authentication via unspecified vectors. Oncommand_workflow_automation 8.1
2015-05-31 CVE-2015-3292 The installer in NetApp OnCommand Workflow Automation before 2.2.1P1 and 3.x before 3.0P1 sets up the Java Debugging Wire Protocol (JDWP) service, which allows remote attackers to execute arbitrary code via unspecified vectors. Oncommand_workflow_automation N/A