CVE-2019-5492

Опубликовано: 29 апр. 2019

Источник: nvd

CVSS3: 7.5

CVSS2: 5

EPSS Низкий

Описание

Element Plug-in for vCenter Server versions prior to 4.2.3 may disclose sensitive account information to an unauthenticated attacker. NetApp HCI Compute Node versions prior to 1.4P2 bundle affected versions of Element Plug-in for vCenter Server.

Ссылки

http://www.securityfocus.com/bid/108105
Third Party Advisory
https://security.netapp.com/advisory/ntap-20190426-0001/
Vendor Advisory
http://www.securityfocus.com/bid/108105
Third Party Advisory
https://security.netapp.com/advisory/ntap-20190426-0001/
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:netapp:hyper_converged_infrastructure_compute_node:*:*:*:*:*:*:*:*

Версия до 1.4 (включая)

Конфигурация 2

cpe:2.3:a:netapp:element_plug-in_for_vcenter_server:*:*:*:*:*:*:*:*

Версия до 4.2.3 (исключая)

EPSS

Процентиль: 63%

0.00457

Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

NVD-CWE-noinfo

Связанные уязвимости

GHSA-m5cm-69xp-qf52