This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Netapp First view 2018-06-26
Product Element Software Management Node Last view 2019-10-17
Version Type
Update  
Edition  
Language  
Sofware Edition  
Target Software  
Target Hardware  
Other  

Activity : Overall

COMMON PLATFORM ENUMERATION: Repartition per Version

CPE Name Affected CVE
cpe:2.3:a:netapp:element_software_management_node:-:*:*:*:*:*:*:* 8

Related : CVE

  Date Alert Description
8.8 2019-10-17 CVE-2019-14287

In Sudo before 1.8.28, an attacker with access to a Runas ALL sudoer account can bypass certain policy blacklists and session PAM modules, and can cause incorrect logging, by invoking sudo with a crafted user ID. For example, this allows bypass of !root configuration, and USER= logging, for a "sudo -u \#$((0xffffffff))" command.

5.5 2019-04-04 CVE-2018-20449

The hidma_chan_stats function in drivers/dma/qcom/hidma_dbg.c in the Linux kernel 4.14.90 allows local users to obtain sensitive address information by reading "callback=" lines in a debugfs file.

5.5 2019-03-21 CVE-2019-7222

The KVM implementation in the Linux kernel through 4.20.5 has an Information Leak.

7.8 2019-03-21 CVE-2019-7221

The KVM implementation in the Linux kernel through 4.20.5 has a Use-after-Free.

4.6 2019-03-21 CVE-2018-19985

The function hso_get_config_data in drivers/net/usb/hso.c in the Linux kernel through 4.19.8 reads if_num from the USB device (as a u8) and uses it to index a small array, resulting in an object out-of-bounds (OOB) read that potentially allows arbitrary read in the kernel address space.

5.9 2019-01-16 CVE-2017-3135

Under some conditions when using both DNS64 and RPZ to rewrite query responses, query processing can resume in an inconsistent state leading to either an INSIST assertion failure or an attempt to read through a NULL pointer. Affects BIND 9.8.8, 9.9.3-S1 -> 9.9.9-S7, 9.9.3 -> 9.9.9-P5, 9.9.10b1, 9.10.0 -> 9.10.4-P5, 9.10.5b1, 9.11.0 -> 9.11.0-P2, 9.11.1b1.

5.5 2019-01-07 CVE-2019-5489

The mincore() implementation in mm/mincore.c in the Linux kernel through 4.19.13 allowed local attackers to observe page cache access patterns of other processes on the same system, potentially allowing sniffing of secret information. (Fixing this affects the output of the fincore program.) Limited remote exploitation may be possible, as demonstrated by latency differences in accessing public files from an Apache HTTP Server.

9.8 2018-06-26 CVE-2017-7657

In Eclipse Jetty, versions 9.2.x and older, 9.3.x (all configurations), and 9.4.x (non-default configuration with RFC2616 compliance enabled), transfer-encoding chunks are handled poorly. The chunk length parsing was vulnerable to an integer overflow. Thus a large chunk size could be interpreted as a smaller chunk size and content sent as chunk body could be interpreted as a pipelined request. If Jetty was deployed behind an intermediary that imposed some authorization and that intermediary allowed arbitrarily large chunks to be passed on unchanged, then this flaw could be used to bypass the authorization imposed by the intermediary as the fake pipelined request would not be interpreted by the intermediary as a request.

CWE : Common Weakness Enumeration

%idName
12% (1) CWE-755 Improper Handling of Exceptional Conditions
12% (1) CWE-476 NULL Pointer Dereference
12% (1) CWE-444 Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggli...
12% (1) CWE-416 Use After Free
12% (1) CWE-319 Cleartext Transmission of Sensitive Information
12% (1) CWE-200 Information Exposure
12% (1) CWE-190 Integer Overflow or Wraparound
12% (1) CWE-125 Out-of-bounds Read

Nessus® Vulnerability Scanner

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-48b73ed393.nasl - Type: ACT_GATHER_INFO
2018-08-20 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-4278.nasl - Type: ACT_GATHER_INFO
2018-07-13 Name: The remote Fedora host is missing a security update.
File: fedora_2018-93a507fd0f.nasl - Type: ACT_GATHER_INFO
2017-08-17 Name: The remote Gentoo host is missing one or more security-related patches.
File: gentoo_GLSA-201708-01.nasl - Type: ACT_GATHER_INFO
2017-07-31 Name: The remote device is affected by a denial of service vulnerability.
File: juniper_jsa10799.nasl - Type: ACT_GATHER_INFO
2017-07-13 Name: The remote Virtuozzo host is missing a security update.
File: Virtuozzo_VZLSA-2017-0276.nasl - Type: ACT_GATHER_INFO
2017-05-01 Name: The remote EulerOS host is missing multiple security updates.
File: EulerOS_SA-2017-1026.nasl - Type: ACT_GATHER_INFO
2017-05-01 Name: The remote EulerOS host is missing multiple security updates.
File: EulerOS_SA-2017-1025.nasl - Type: ACT_GATHER_INFO
2017-03-07 Name: The remote openSUSE host is missing a security update.
File: openSUSE-2017-314.nasl - Type: ACT_GATHER_INFO
2017-03-06 Name: The remote Fedora host is missing a security update.
File: fedora_2017-d0c9bf9508.nasl - Type: ACT_GATHER_INFO
2017-03-06 Name: The remote Fedora host is missing a security update.
File: fedora_2017-96b7f4f53e.nasl - Type: ACT_GATHER_INFO
2017-03-03 Name: The remote SUSE host is missing one or more security updates.
File: suse_SU-2017-0595-1.nasl - Type: ACT_GATHER_INFO
2017-03-03 Name: The remote SUSE host is missing one or more security updates.
File: suse_SU-2017-0596-1.nasl - Type: ACT_GATHER_INFO
2017-03-03 Name: The remote SUSE host is missing one or more security updates.
File: suse_SU-2017-0594-1.nasl - Type: ACT_GATHER_INFO
2017-03-01 Name: The remote Debian host is missing a security update.
File: debian_DLA-843.nasl - Type: ACT_GATHER_INFO
2017-02-27 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-3795.nasl - Type: ACT_GATHER_INFO
2017-02-23 Name: The remote device is missing a vendor-supplied security patch.
File: f5_bigip_SOL80533167.nasl - Type: ACT_GATHER_INFO
2017-02-21 Name: The remote Fedora host is missing a security update.
File: fedora_2017-27099c270a.nasl - Type: ACT_GATHER_INFO
2017-02-17 Name: The remote Ubuntu host is missing a security-related patch.
File: ubuntu_USN-3201-1.nasl - Type: ACT_GATHER_INFO
2017-02-17 Name: The remote name server is affected by a denial of service vulnerability.
File: bind9_CVE-2017-3135.nasl - Type: ACT_GATHER_INFO
2017-02-16 Name: The remote Scientific Linux host is missing one or more security updates.
File: sl_20170215_bind_on_SL7_x.nasl - Type: ACT_GATHER_INFO
2017-02-16 Name: The remote Red Hat host is missing one or more security updates.
File: redhat-RHSA-2017-0276.nasl - Type: ACT_GATHER_INFO
2017-02-16 Name: The remote Oracle Linux host is missing one or more security updates.
File: oraclelinux_ELSA-2017-0276.nasl - Type: ACT_GATHER_INFO
2017-02-16 Name: The remote CentOS host is missing one or more security updates.
File: centos_RHSA-2017-0276.nasl - Type: ACT_GATHER_INFO
2017-02-15 Name: The remote Fedora host is missing a security update.
File: fedora_2017-2b46c8b6c2.nasl - Type: ACT_GATHER_INFO