Описание
NetApp OnCommand System Manager 2.1 and earlier allows remote attackers to include arbitrary files through specially crafted requests to the "diagnostic" page using the SnapMirror log path parameter.
Ссылки
- Third Party AdvisoryVDB Entry
- ExploitThird Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- ExploitThird Party AdvisoryVDB Entry
Уязвимые конфигурации
Конфигурация 1Версия до 2.1 (включая)
cpe:2.3:a:netapp:oncommand_system_manager:*:*:*:*:*:*:*:*
EPSS
Процентиль: 75%
0.00906
Низкий
7.5 High
CVSS3
6 Medium
CVSS2
Дефекты
CWE-829
Связанные уязвимости
github
почти 4 года назад
NetApp OnCommand System Manager 2.1 and earlier allows remote attackers to include arbitrary files through specially crafted requests to the "diagnostic" page using the SnapMirror log path parameter.
EPSS
Процентиль: 75%
0.00906
Низкий
7.5 High
CVSS3
6 Medium
CVSS2
Дефекты
CWE-829