ByteOS Network

NVD Vulnerability Details :

CVE-2019-17275

Analyzed

More Info Official Page

Source-security-alert@netapp.com

Published At-26 Feb, 2020 | 18:15

Updated At-28 Feb, 2020 | 15:24

OnCommand Cloud Manager versions prior to 3.8.0 are susceptible to arbitrary code execution by remote attackers.

Date Added	Due Date	Vulnerability Name	Required Action
	N/A

Metrics

Type	Version	Base score	Base severity	Vector
Primary	3.1	9.8	CRITICAL	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Primary	2.0	7.5	HIGH	AV:N/AC:L/Au:N/C:P/I:P/A:P

Type: Primary

Version: 3.1

Base score: 9.8

Base severity: CRITICAL

Vector:

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Type: Primary

Version: 2.0

Base score: 7.5

Base severity: HIGH

Vector:

AV:N/AC:L/Au:N/C:P/I:P/A:P

CPE Matches

NetApp, Inc.

>>oncommand_cloud_manager>>Versions before 3.8.0(exclusive)

cpe:2.3:a:netapp:oncommand_cloud_manager:*:*:*:*:*:*:*:*

Weaknesses

CWE ID	Type	Source
NVD-CWE-noinfo	Primary	nvd@nist.gov

CWE ID: NVD-CWE-noinfo

Type: Primary

Source: nvd@nist.gov

References

Hyperlink	Source	Resource
https://security.netapp.com/advisory/ntap-20200226-0003/	security-alert@netapp.com	Patch Vendor Advisory

Hyperlink: https://security.netapp.com/advisory/ntap-20200226-0003/

Source: security-alert@netapp.com

Resource:

Patch

Vendor Advisory

CISA Catalog

Metrics

CPE Matches

Weaknesses

Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References

Change History