Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): cpe:2.3:a:netapp:oncommand_api_services:1.0:*:*:*:*:*:*:*
- CPE Name Search: true
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2017-15518 |
All versions of OnCommand API Services prior to 2.1 and NetApp Service Level Manager prior to 1.0RC4 log a privileged database user account password. All users are urged to move to a fixed version. Since the affected password is changed during every upgrade/installation no further action is required. Published: February 23, 2018; 6:29:00 PM -0500 |
V4.0:(not available) V3.1: 7.8 HIGH V2.0: 2.1 LOW |
CVE-2017-8919 |
NetApp OnCommand API Services before 1.2P3 logs the LDAP BIND password when a user attempts to log in using the REST API, which allows remote authenticated users to obtain sensitive password information via unspecified vectors. Published: July 25, 2017; 2:29:01 PM -0400 |
V4.0:(not available) V3.1: 6.5 MEDIUM V2.0: 4.0 MEDIUM |