Описание
OnCommand Unified Manager for 7-Mode (core package) prior to 5.2.4 uses cookies that lack the secure attribute in certain circumstances making it vulnerable to impersonation via man-in-the-middle (MITM) attacks.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 5.2.4 (исключая)
cpe:2.3:a:netapp:oncommand_unified_manager:*:*:*:*:*:*:*:*
EPSS
Процентиль: 32%
0.00124
Низкий
7.4 High
CVSS3
5.8 Medium
CVSS2
Дефекты
CWE-311
Связанные уязвимости
CVSS3: 7.4
github
больше 3 лет назад
OnCommand Unified Manager for 7-Mode (core package) prior to 5.2.4 uses cookies that lack the secure attribute in certain circumstances making it vulnerable to impersonation via man-in-the-middle (MITM) attacks.
EPSS
Процентиль: 32%
0.00124
Низкий
7.4 High
CVSS3
5.8 Medium
CVSS2
Дефекты
CWE-311