CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2018-5481

OnCommand Unified Manager for 7-Mode (core package) prior to 5.2.4 uses cookies that lack the secure attribute in certain circumstances making it vulnerable to impersonation via man-in-the-middle (MITM) attacks.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 33.2%

CVSS Severity

CVSS v3 Score 7.4

CVSS v2 Score 5.8

References

https://security.netapp.com/advisory/ntap-20190104-0001/
https://security.netapp.com/advisory/ntap-20190104-0001/

Products affected by CVE-2018-5481

Netapp » Oncommand Unified Manager » Version: N/A

cpe:2.3:a:netapp:oncommand_unified_manager:-
Netapp » Oncommand Unified Manager » Version: 5.1

cpe:2.3:a:netapp:oncommand_unified_manager:5.1
Netapp » Oncommand Unified Manager » Version: 5.2.1

cpe:2.3:a:netapp:oncommand_unified_manager:5.2.1
Netapp » Oncommand Unified Manager » Version: 5.2.2

cpe:2.3:a:netapp:oncommand_unified_manager:5.2.2
Netapp » Oncommand Unified Manager » Version: 5.2.3

cpe:2.3:a:netapp:oncommand_unified_manager:5.2.3

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-5481

Products

Pricing

Contact Us