Netapp Active Iq Unified Manager vulnerabilities

219 known vulnerabilities affecting netapp/active_iq_unified_manager.

Total CVEs

219

CISA KEV

actively exploited

Public exploits

Exploited in wild

Severity breakdown

CRITICAL25HIGH43MEDIUM123LOW28

Vulnerabilities

Page 10 of 11

CVE-2017-10355MEDIUMCVSS 5.3PoC≥ 7.3≥ 9.52017-10-19

CVE-2017-10355 [MEDIUM] CVE-2017-10355: Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: N Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144; JRockit: R28.3.15. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java

nvd

CVE-2017-10295MEDIUMCVSS 4.0≥ 7.3≥ 9.52017-10-19

CVE-2017-10295 [MEDIUM] CVE-2017-10295: Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: N Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144; JRockit: R28.3.15. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise Java SE, Java SE

nvd

CVE-2017-10348MEDIUMCVSS 5.3≥ 7.3≥ 9.52017-10-19

CVE-2017-10348 [MEDIUM] CVE-2017-10348: Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries) Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Succes

nvd

CVE-2017-10347MEDIUMCVSS 5.3≥ 7.3≥ 9.52017-10-19

CVE-2017-10347 [MEDIUM] CVE-2017-10347: Vulnerability in the Java SE, JRockit component of Oracle Java SE (subcomponent: Serialization). Sup Vulnerability in the Java SE, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, JRockit. Successful attacks o

nvd

CVE-2017-10356MEDIUMCVSS 6.2≥ 7.3≥ 9.52017-10-19

CVE-2017-10356 [MEDIUM] CVE-2017-10356: Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: S Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144; JRockit: R28.3.15. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Java SE, Java SE Embedde

nvd

CVE-2017-10345LOWCVSS 3.1≥ 7.3≥ 9.52017-10-19

CVE-2017-10345 [LOW] CVE-2017-10345: Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: S Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144; JRockit: R28.3.15. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Ja

nvd

CVE-2017-10365LOWCVSS 3.8≥ 7.3≥ 9.52017-10-19

CVE-2017-10365 [LOW] CVE-2017-10365: Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: InnoDB). Supporte Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: InnoDB). Supported versions that are affected are 5.7.18 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized updat

nvd

CVE-2017-12617HIGHCVSS 8.1KEVPoC≥ 7.3≥ 9.52017-10-04

CVE-2017-12617 [HIGH] CWE-434 CVE-2017-12617: When running Apache Tomcat versions 9.0.0.M1 to 9.0.0, 8.5.0 to 8.5.22, 8.0.0.RC1 to 8.0.46 and 7.0. When running Apache Tomcat versions 9.0.0.M1 to 9.0.0, 8.5.0 to 8.5.22, 8.0.0.RC1 to 8.0.46 and 7.0.0 to 7.0.81 with HTTP PUTs enabled (e.g. via setting the readonly initialisation parameter of the Default servlet to false) it was possible to upload a JSP file to the server via a specially crafted request. This JSP could then be requested and any code

nvd

CVE-2017-10107CRITICALCVSS 9.6≥ 7.3≥ 9.52017-08-08

CVE-2017-10107 [CRITICAL] CVE-2017-10107: Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: RMI). Supp Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: RMI). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful at

nvd

CVE-2017-10087CRITICALCVSS 9.6≥ 7.3≥ 9.52017-08-08

CVE-2017-10087 [CRITICAL] CVE-2017-10087: Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries) Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Success

nvd

CVE-2017-10090CRITICALCVSS 9.6≥ 7.3≥ 9.52017-08-08

CVE-2017-10090 [CRITICAL] CVE-2017-10090: Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries) Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 7u141 and 8u131; Java SE Embedded: 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful att

nvd

CVE-2017-10110CRITICALCVSS 9.6≥ 7.3≥ 9.52017-08-08

CVE-2017-10110 [CRITICAL] CVE-2017-10110: Vulnerability in the Java SE component of Oracle Java SE (subcomponent: AWT). Supported versions tha Vulnerability in the Java SE component of Oracle Java SE (subcomponent: AWT). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the

nvd

CVE-2017-10089CRITICALCVSS 9.6≥ 7.3≥ 9.52017-08-08

CVE-2017-10089 [CRITICAL] CVE-2017-10089: Vulnerability in the Java SE component of Oracle Java SE (subcomponent: ImageIO). Supported versions Vulnerability in the Java SE component of Oracle Java SE (subcomponent: ImageIO). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than

nvd

CVE-2017-10096CRITICALCVSS 9.6≥ 7.3≥ 9.52017-08-08

CVE-2017-10096 [CRITICAL] CVE-2017-10096: Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: JAXP). Sup Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: JAXP). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful a

nvd

CVE-2017-10102CRITICALCVSS 9.0≥ 7.3≥ 9.52017-08-08

CVE-2017-10102 [CRITICAL] CVE-2017-10102: Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: RMI). Supp Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: RMI). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. While the v

nvd

CVE-2017-10111CRITICALCVSS 9.6≥ 7.3≥ 9.52017-08-08

CVE-2017-10111 [CRITICAL] CVE-2017-10111: Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries) Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). The supported version that is affected is Java SE: 8u131; Java SE Embedded: 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks requ

nvd

CVE-2017-10086CRITICALCVSS 9.6≥ 7.3≥ 9.52017-08-08

CVE-2017-10086 [CRITICAL] CVE-2017-10086: Vulnerability in the Java SE component of Oracle Java SE (subcomponent: JavaFX). Supported versions Vulnerability in the Java SE component of Oracle Java SE (subcomponent: JavaFX). Supported versions that are affected are Java SE: 7u141 and 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the attac

nvd

CVE-2017-10101CRITICALCVSS 9.6≥ 7.3≥ 9.52017-08-08

CVE-2017-10101 [CRITICAL] CVE-2017-10101: Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: JAXP). Sup Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: JAXP). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful a

nvd

CVE-2017-10078HIGHCVSS 8.1≥ 7.3≥ 9.52017-08-08

CVE-2017-10078 [HIGH] CVE-2017-10078: Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Scripting). The supported ve Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Scripting). The supported version that is affected is Java SE: 8u131. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise Java SE. Successful attacks of this vulnerability can result in unauthorized creation, deletion or

nvd

CVE-2017-10115HIGHCVSS 7.5≥ 7.3≥ 9.52017-08-08

CVE-2017-10115 [HIGH] CVE-2017-10115: Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: J Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JCE). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE

nvd

← Previous10 / 11Next →