Snapmanager - Vulncode-DB

Note:

This project will be discontinued after December 13, 2021. [more]

Product:
Snapmanager
(Netapp)

Repositories	• https://github.com/madler/zlib • https://github.com/dom4j/dom4j
#Vulnerabilities	180

Date	Id	Summary	Products	Score	Patch	Annotated
2018-01-18	CVE-2018-2627	Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Installer). Supported versions that are affected are Java SE: 8u152 and 9.0.1. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where Java SE executes to compromise Java SE. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, attacks may significantly impact additional products. Successful attacks...	Active_iq_unified_manager, Cloud_backup, E\-Series_santricity_management_plug\-Ins, E\-Series_santricity_os_controller, E\-Series_santricity_storage_manager, E\-Series_santricity_web_services, Oncommand_insight, Oncommand_shift, Oncommand_unified_manager, Oncommand_workflow_automation, Plug\-In_for_symantec_netbackup, Santricity_cloud_connector, Snapmanager, Storage_replication_adapter_for_clustered_data_ontap, Storagegrid, Vasa_provider_for_clustered_data_ontap, Virtual_storage_console, Jdk, Jre, Satellite	7.5
2018-04-19	CVE-2018-2826	Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Libraries). The supported version that is affected is Java SE: 10. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, attacks may significantly impact additional products. Successful attacks of this vulnerability can...	Ubuntu_linux, Cloud_backup, E\-Series_santricity_management, E\-Series_santricity_os_controller, E\-Series_santricity_storage_manager, E\-Series_santricity_web_services, Oncommand_insight, Oncommand_unified_manager, Oncommand_workflow_automation, Santricity_cloud_connector, Snapmanager, Storage_replication_adapter, Storagegrid, Vasa_provider, Virtual_storage_console, Jdk, Jre	8.3
2018-04-19	CVE-2018-2825	Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Libraries). The supported version that is affected is Java SE: 10. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, attacks may significantly impact additional products. Successful attacks of this vulnerability can...	Ubuntu_linux, Cloud_backup, E\-Series_santricity_management, E\-Series_santricity_os_controller, E\-Series_santricity_storage_manager, E\-Series_santricity_web_services, Oncommand_insight, Oncommand_unified_manager, Oncommand_workflow_automation, Santricity_cloud_connector, Snapmanager, Storage_replication_adapter, Storagegrid, Vasa_provider, Virtual_storage_console, Jdk, Jre	8.3
2022-02-26	CVE-2022-23308	valid.c in libxml2 before 2.9.13 has a use-after-free of ID and IDREF attributes.	Ipados, Iphone_os, Mac_os_x, Macos, Tvos, Watchos, Debian_linux, Fedora, Active_iq_unified_manager, Bootstrap_os, Clustered_data_ontap, Clustered_data_ontap_antivirus_connector, H300e_firmware, H300s_firmware, H410c_firmware, H410s_firmware, H500e_firmware, H500s_firmware, H700e_firmware, H700s_firmware, Manageability_software_development_kit, Ontap_select_deploy_administration_utility, Smi\-S_provider, Snapdrive, Snapmanager, Solidfire\,_enterprise_sds_\&_hci_storage_node, Solidfire_\&_hci_management_node, Communications_cloud_native_core_binding_support_function, Communications_cloud_native_core_network_function_cloud_native_environment, Communications_cloud_native_core_network_repository_function, Communications_cloud_native_core_network_slice_selection_function, Communications_cloud_native_core_unified_data_repository, Mysql_workbench, Zfs_storage_appliance_kit, Libxml2	7.5
2022-05-03	CVE-2022-1292	The c_rehash script does not properly sanitise shell metacharacters to prevent command injection. This script is distributed by some operating systems in a manner where it is automatically executed. On such operating systems, an attacker could execute arbitrary commands with the privileges of the script. Use of the c_rehash script is considered obsolete and should be replaced by the OpenSSL rehash command line tool. Fixed in OpenSSL 3.0.3 (Affected 3.0.0,3.0.1,3.0.2). Fixed in OpenSSL 1.1.1o...	Debian_linux, Fedora, A250_firmware, A700s_firmware, Active_iq_unified_manager, Aff_500f_firmware, Aff_8300_firmware, Aff_8700_firmware, Aff_a400_firmware, Clustered_data_ontap, Clustered_data_ontap_antivirus_connector, Fabric\-Attached_storage_a400_firmware, Fas_500f_firmware, Fas_8300_firmware, Fas_8700_firmware, H300e_firmware, H300s_firmware, H410s_firmware, H500e_firmware, H500s_firmware, H700e_firmware, H700s_firmware, Oncommand_insight, Oncommand_workflow_automation, Santricity_smi\-S_provider, Smi\-S_provider, Snapcenter, Snapmanager, Solidfire\,_enterprise_sds_\&_hci_storage_node, Solidfire_\&_hci_management_node, Openssl, Enterprise_manager_ops_center, Mysql_server, Mysql_workbench	9.8