Netapp Snapcenter Server — known CVE vulnerabilities
Every CVE whose affected-product data names Netapp Snapcenter Server, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (23)
CVE-2018-8014 — CVSS 9.8 (critical): The defaults settings for the CORS filter provided in Apache Tomcat 9.0.0.M1 to 9.0.8, 8.5.0 to 8.5.31, 8.0.0.RC1 to 8.0.52, 7.0.41 to…
CVE-2017-15516 — CVSS 8.8 (high): NetApp SnapCenter Server versions 1.1 through 2.x are susceptible to a Cross-Site Request Forgery (CSRF) vulnerability which could be used…
CVE-2016-8610 — CVSS 7.5 (high): A denial of service flaw was found in OpenSSL 0.9.8, 1.0.1, 1.0.2 through 1.0.2h, and 1.1.0 in the way the TLS/SSL protocol defined…
CVE-2016-1502 — CVSS 7.3 (high): NetApp SnapCenter Server 1.0 and 1.0P1 allows remote attackers to partially bypass authentication and then list and delete backups via…
CVE-2017-15519 — CVSS 7.2 (high): Versions of SnapCenter 2.0 through 3.0.1 allow unauthenticated remote attackers to view and modify backup related data via the Plug-in for…
CVE-2020-14800 — CVSS 6.5 (medium): Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Encryption). Supported versions that are affected…
CVE-2020-14769 — CVSS 6.5 (medium): Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 5.6.49…
CVE-2020-14775 — CVSS 6.5 (medium): Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 5.7.31 and prior…
CVE-2018-5482 — CVSS 5.3 (medium): NetApp SnapCenter Server prior to 4.1 does not set the secure flag for a sensitive cookie in an HTTPS session which can allow the…
CVE-2020-14773 — CVSS 4.9 (medium): Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.21…
CVE-2020-14777 — CVSS 4.9 (medium): Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.21…
CVE-2020-14785 — CVSS 4.9 (medium): Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.21…
CVE-2020-14786 — CVSS 4.9 (medium): Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: PS). Supported versions that are affected are 8.0.21 and…
CVE-2020-14789 — CVSS 4.9 (medium): Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: FTS). Supported versions that are affected are 5.7.31 and…
CVE-2020-14790 — CVSS 4.9 (medium): Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: PS). Supported versions that are affected are 5.7.31 and…
CVE-2020-14672 — CVSS 4.9 (medium): Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Stored Procedure). Supported versions that are affected are…
CVE-2020-14794 — CVSS 4.9 (medium): Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.21…
CVE-2020-14799 — CVSS 4.9 (medium): Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Encryption). Supported versions that are affected…
CVE-2020-14793 — CVSS 4.9 (medium): Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 5.6.49…
CVE-2017-15515 — CVSS 4.8 (medium): NetApp SnapCenter Server prior to 4.0 is susceptible to cross site scripting vulnerability that could allow a privileged user to inject…
CVE-2020-14791 — CVSS 2.2 (low): Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.21 and prior…