Netapp Virtual Storage Console vulnerabilities
69 known vulnerabilities affecting netapp/virtual_storage_console.
Total CVEs
69
CISA KEV
1
actively exploited
Public exploits
4
Exploited in wild
2
Severity breakdown
CRITICAL15HIGH23MEDIUM27LOW4
Vulnerabilities
Page 2 of 4
CVE-2018-2627HIGHCVSS 7.5≥ 7.2v6.02018-01-18
CVE-2018-2627 [HIGH] CVE-2018-2627: Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Installer). Supported versio
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Installer). Supported versions that are affected are Java SE: 8u152 and 9.0.1. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where Java SE executes to compromise Java SE. Successful attacks require human interaction from a person other th
nvd
CVE-2018-2638HIGHCVSS 8.3≥ 7.2v6.02018-01-18
CVE-2018-2638 [HIGH] CVE-2018-2638: Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Deployment). Supported versi
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Deployment). Supported versions that are affected are Java SE: 8u152 and 9.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the atta
nvd
CVE-2018-2581MEDIUMCVSS 4.7≥ 7.2v6.02018-01-18
CVE-2018-2581 [MEDIUM] CVE-2018-2581: Vulnerability in the Java SE component of Oracle Java SE (subcomponent: JavaFX). Supported versions
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: JavaFX). Supported versions that are affected are Java SE: 7u161, 8u152 and 9.0.1. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the at
nvd
CVE-2017-15906MEDIUMCVSS 5.3≥ 9.7v9.62017-10-26
CVE-2017-15906 [MEDIUM] CWE-732 CVE-2017-15906: The process_open function in sftp-server.c in OpenSSH before 7.6 does not properly prevent write ope
The process_open function in sftp-server.c in OpenSSH before 7.6 does not properly prevent write operations in readonly mode, which allows attackers to create zero-length files.
nvd
CVE-2017-10346CRITICALCVSS 9.6≥ 7.2v6.02017-10-19
CVE-2017-10346 [CRITICAL] CVE-2017-10346: Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Hotspot).
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Hotspot). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Success
nvd
CVE-2017-10285CRITICALCVSS 9.6≥ 7.2v6.02017-10-19
CVE-2017-10285 [CRITICAL] CVE-2017-10285: Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: RMI). Supp
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: RMI). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful
nvd
CVE-2017-10388HIGHCVSS 7.5≥ 7.2v6.02017-10-19
CVE-2017-10388 [HIGH] CVE-2017-10388: Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries)
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. Difficult to exploit vulnerability allows unauthenticated attacker with network access via Kerberos to compromise Java SE, Java SE Embedded. Successful attac
nvd
CVE-2017-10309HIGHCVSS 7.1PoC≥ 7.2v6.02017-10-19
CVE-2017-10309 [HIGH] CVE-2017-10309: Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Deployment). Supported versi
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Deployment). Supported versions that are affected are Java SE: 8u144 and 9. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the attacker
nvd
CVE-2017-10357MEDIUMCVSS 5.3≥ 7.2v6.02017-10-19
CVE-2017-10357 [MEDIUM] CVE-2017-10357: Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Serializat
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Su
nvd
CVE-2017-10350MEDIUMCVSS 5.3≥ 7.2v6.02017-10-19
CVE-2017-10350 [MEDIUM] CVE-2017-10350: Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: JAX-WS). S
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: JAX-WS). Supported versions that are affected are Java SE: 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attac
nvd
CVE-2017-10349MEDIUMCVSS 5.3≥ 7.2v6.02017-10-19
CVE-2017-10349 [MEDIUM] CVE-2017-10349: Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: JAXP). Sup
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: JAXP). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful
nvd
CVE-2017-10281MEDIUMCVSS 5.3≥ 7.2v6.02017-10-19
CVE-2017-10281 [MEDIUM] CVE-2017-10281: Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: S
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144; JRockit: R28.3.15. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise J
nvd
CVE-2017-10293MEDIUMCVSS 6.1≥ 7.2v6.02017-10-19
CVE-2017-10293 [MEDIUM] CVE-2017-10293: Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Javadoc). Supported versions
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Javadoc). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Java SE. Successful attacks require human interaction from a person other than the attacker
nvd
CVE-2017-10274MEDIUMCVSS 6.8≥ 7.2v6.02017-10-19
CVE-2017-10274 [MEDIUM] CVE-2017-10274: Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Smart Card IO). Supported ve
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Smart Card IO). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person ot
nvd
CVE-2017-10355MEDIUMCVSS 5.3PoC≥ 7.2v6.02017-10-19
CVE-2017-10355 [MEDIUM] CVE-2017-10355: Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: N
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144; JRockit: R28.3.15. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java
nvd
CVE-2017-10295MEDIUMCVSS 4.0≥ 7.2v6.02017-10-19
CVE-2017-10295 [MEDIUM] CVE-2017-10295: Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: N
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144; JRockit: R28.3.15. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise Java SE, Java SE
nvd
CVE-2017-10348MEDIUMCVSS 5.3≥ 7.2v6.02017-10-19
CVE-2017-10348 [MEDIUM] CVE-2017-10348: Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries)
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Succes
nvd
CVE-2017-10347MEDIUMCVSS 5.3≥ 7.2v6.02017-10-19
CVE-2017-10347 [MEDIUM] CVE-2017-10347: Vulnerability in the Java SE, JRockit component of Oracle Java SE (subcomponent: Serialization). Sup
Vulnerability in the Java SE, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, JRockit. Successful attacks o
nvd
CVE-2017-10356MEDIUMCVSS 6.2≥ 7.2v6.02017-10-19
CVE-2017-10356 [MEDIUM] CVE-2017-10356: Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: S
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144; JRockit: R28.3.15. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Java SE, Java SE Embedde
nvd
CVE-2017-10345LOWCVSS 3.1≥ 7.2v6.02017-10-19
CVE-2017-10345 [LOW] CVE-2017-10345: Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: S
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144; JRockit: R28.3.15. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Ja
nvd