Product:

Snapcenter_server

(Netapp)
Repositories

Unknown:

This might be proprietary software.
#Vulnerabilities 23
Date Id Summary Products Score Patch Annotated
2020-10-21 CVE-2020-14793 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 5.6.49 and prior, 5.7.31 and prior and 8.0.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base... Fedora, Active_iq_unified_manager, Oncommand_insight, Oncommand_workflow_automation, Snapcenter_server, Mysql 4.9
2020-10-21 CVE-2020-14794 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS... Fedora, Active_iq_unified_manager, Oncommand_insight, Oncommand_workflow_automation, Snapcenter_server, Mysql 4.9
2020-10-21 CVE-2020-14799 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Encryption). Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability... Active_iq_unified_manager, Oncommand_insight, Oncommand_workflow_automation, Snapcenter_server, Mysql 4.9
2020-10-21 CVE-2020-14800 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Encryption). Supported versions that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability... Active_iq_unified_manager, Oncommand_insight, Oncommand_workflow_automation, Snapcenter_server, Mysql 6.5
2018-03-06 CVE-2017-15519 Versions of SnapCenter 2.0 through 3.0.1 allow unauthenticated remote attackers to view and modify backup related data via the Plug-in for NAS File Services. All users are urged to move to version 3.0.1 and perform the mitigation steps or upgrade to 4.0 following the product documentation. Snapcenter_server 7.2
2019-03-04 CVE-2018-5482 NetApp SnapCenter Server prior to 4.1 does not set the secure flag for a sensitive cookie in an HTTPS session which can allow the transmission of the cookie in plain text over an unencrypted channel. Snapcenter_server 5.3
2017-11-16 CVE-2017-15516 NetApp SnapCenter Server versions 1.1 through 2.x are susceptible to a Cross-Site Request Forgery (CSRF) vulnerability which could be used to cause an unintended authenticated action in the user interface. Snapcenter_server 8.8
2019-03-04 CVE-2017-15515 NetApp SnapCenter Server prior to 4.0 is susceptible to cross site scripting vulnerability that could allow a privileged user to inject arbitrary scripts into the custom secondary policy label field. Snapcenter_server 4.8
2017-02-07 CVE-2016-1502 NetApp SnapCenter Server 1.0 and 1.0P1 allows remote attackers to partially bypass authentication and then list and delete backups via unspecified vectors. Snapcenter_server 7.3
2017-08-07 CVE-2015-7887 NetApp SnapCenter Server 1.0 allows remote authenticated users to list and delete backups. Snapcenter_server 8.1