exploitDog

CVE-2017-11461

Опубликовано: 10 нояб. 2017

Источник: nvd

CVSS3: 4.3

CVSS2: 4.3

EPSS Низкий

Описание

NetApp OnCommand Unified Manager for 7-mode (core package) versions prior to 5.2.1 are susceptible to a clickjacking or "UI redress attack" which could be used to cause a user to perform an unintended action in the user interface.

Ссылки

http://www.securityfocus.com/bid/101778
Third Party Advisory
VDB Entry
https://security.netapp.com/advisory/ntap-20171107-0001/
Vendor Advisory
http://www.securityfocus.com/bid/101778
Third Party Advisory
VDB Entry
https://security.netapp.com/advisory/ntap-20171107-0001/
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:netapp:oncommand_unified_manager:*:*:*:*:*:*:*:*

Версия до 5.2.1 (исключая)

EPSS

Процентиль: 48%

0.00245

Низкий

4.3 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-20

Связанные уязвимости

GHSA-97rf-r5hv-frfc

CVSS3: 4.3

github

больше 3 лет назад

NetApp OnCommand Unified Manager for 7-mode (core package) versions prior to 5.2.1 are susceptible to a clickjacking or "UI redress attack" which could be used to cause a user to perform an unintended action in the user interface.

EPSS

Процентиль: 48%

0.00245

Низкий

4.3 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-20