CVE-2018-5492Improper Input Validation in E-series Santricity OS Controller

CWE-20Improper Input Validation4 documents4 sources
Severity
9.8CRITICALNVD
EPSS
2.1%
top 15.82%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Netapp E-series Santricity OS ControllerNetapp E-series Santricity OS Controller Software
Timeline
PublishedOct 4
Latest updateMay 14

Description

NetApp E-Series SANtricity OS Controller Software 11.30 and later version 11.30.5 is susceptible to unauthenticated remote code execution.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages2 packages

🔴Vulnerability Details

2
GHSA
GHSA-fcw7-5r4m-xv4w: NetApp E-Series SANtricity OS Controller Software 112022-05-14
CVEList
CVE-2018-5492: NetApp E-Series SANtricity OS Controller Software 112018-10-04

💬Community

1
Bugzilla
CVE-2018-1000039 mupdf: multiple use after free in the PDF parser2018-05-24
CVE-2018-5492 — Improper Input Validation | cvebase