CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-5488

NetApp SANtricity Web Services Proxy versions 1.10.x000.0002 through 2.12.X000.0002 and SANtricity Storage Manager 11.30.0X00.0004 through 11.42.0X00.0001 ship with the Java Management Extension Remote Method Invocation (JMX RMI) service bound to the network, and are susceptible to unauthenticated remote code execution.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.022

EPSS Ranking 83.6%

CVSS Severity

CVSS v3 Score 9.8

CVSS v2 Score 7.5

References

Products affected by CVE-2018-5488

Netapp » Santricity Storage Manager » Version: 11.30.0x00.0004

cpe:2.3:a:netapp:santricity_storage_manager:11.30.0x00.0004
Netapp » Santricity Storage Manager » Version: 11.42.0x00.0001

cpe:2.3:a:netapp:santricity_storage_manager:11.42.0x00.0001
Netapp » Santricity Web Services Proxy » Version: 1.10.x000.0002

cpe:2.3:a:netapp:santricity_web_services_proxy:1.10.x000.0002
Netapp » Santricity Web Services Proxy » Version: 2.12.x000.0002

cpe:2.3:a:netapp:santricity_web_services_proxy:2.12.x000.0002

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-5488

Products

Pricing

Contact Us