Описание
NetApp SANtricity Web Services Proxy versions 1.10.x000.0002 through 2.12.X000.0002 and SANtricity Storage Manager 11.30.0X00.0004 through 11.42.0X00.0001 ship with the Java Management Extension Remote Method Invocation (JMX RMI) service bound to the network, and are susceptible to unauthenticated remote code execution.
Ссылки
- Third Party AdvisoryVDB Entry
- Vendor Advisory
- Third Party AdvisoryVDB Entry
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия от 11.30.0x00.0004 (включая) до 11.42.0x00.0001 (включая)Версия от 1.10.x000.0002 (включая) до 2.12.x000.0002 (включая)
Одно из
cpe:2.3:a:netapp:santricity_storage_manager:*:*:*:*:*:*:*:*
cpe:2.3:a:netapp:santricity_web_services_proxy:*:*:*:*:*:*:*:*
EPSS
Процентиль: 84%
0.02125
Низкий
9.8 Critical
CVSS3
7.5 High
CVSS2
Дефекты
CWE-20
Связанные уязвимости
CVSS3: 9.8
github
больше 3 лет назад
NetApp SANtricity Web Services Proxy versions 1.10.x000.0002 through 2.12.X000.0002 and SANtricity Storage Manager 11.30.0X00.0004 through 11.42.0X00.0001 ship with the Java Management Extension Remote Method Invocation (JMX RMI) service bound to the network, and are susceptible to unauthenticated remote code execution.
EPSS
Процентиль: 84%
0.02125
Низкий
9.8 Critical
CVSS3
7.5 High
CVSS2
Дефекты
CWE-20