CVE-2018-5481
published 2019-01-07CVE-2018-5481: OnCommand Unified Manager for 7-Mode (core package) prior to 5.2.4 uses cookies that lack the secure attribute in certain circumstances making it vulnerable to…
high7.4CVSS 3.0
AVNACHPRNUINSUCHIHAN
OnCommand Unified Manager for 7-Mode (core package) prior to 5.2.4 uses cookies that lack the secure attribute in certain circumstances making it vulnerable to impersonation via man-in-the-middle (MITM) attacks.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| netapp | oncommand_unified_manager | < 5.2.4 | 5.2.4 |
| netapp | oncommand_unified_manager_for_7-mode | — | — |