Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In February 2017
CVE-2016-1502
NetApp SnapCenter Server 1.0 and 1.0P1 allows remote attackers to partially bypass authentication and then list and delete backups via unspecified vectors.
CVSS Score
7.3
EPSS Score
0.001
Published
2017-02-07
CVE-2016-1894
NetApp OnCommand Workflow Automation before 3.1P2 allows remote attackers to bypass authentication via unspecified vectors.
CVSS Score
8.1
EPSS Score
0.004
Published
2017-02-07
CVE-2016-2403
Symfony before 2.8.6 and 3.x before 3.0.6 allows remote attackers to bypass authentication by logging in with an empty password and valid username, which triggers an unauthenticated bind.
CVSS Score
9.8
EPSS Score
0.002
Published
2017-02-07
CVE-2016-3063
Multiple functions in NetApp OnCommand System Manager before 8.3.2 do not properly escape special characters, which allows remote authenticated users to execute arbitrary API calls via unspecified vectors.
CVSS Score
7.5
EPSS Score
0.005
Published
2017-02-07
CVE-2016-3124
The sanitycheck module in SimpleSAMLphp before 1.14.1 allows remote attackers to learn the PHP version on the system via unspecified vectors.
CVSS Score
5.3
EPSS Score
0.002
Published
2017-02-07
CVE-2016-3180
Tor Browser Launcher (aka torbrowser-launcher) before 0.2.4, during the initial run, allows man-in-the-middle attackers to bypass the PGP signature verification and execute arbitrary code via a Trojan horse tar file and a signature file with the valid tarball and signature.
CVSS Score
8.1
EPSS Score
0.007
Published
2017-02-07
CVE-2016-4341
NetApp Clustered Data ONTAP before 8.3.2P7 allows remote attackers to obtain SMB share information via unspecified vectors.
CVSS Score
7.5
EPSS Score
0.005
Published
2017-02-07
CVE-2016-5372
Cross-site request forgery (CSRF) vulnerability in NetApp Snap Creator Framework before 4.3.0P1 allows remote attackers to hijack the authentication of users for requests that have unspecified impact via unknown vectors.
CVSS Score
6.3
EPSS Score
0.001
Published
2017-02-07
CVE-2016-5711
NetApp Virtual Storage Console for VMware vSphere before 6.2.1 uses a non-unique certificate, which allows remote attackers to conduct man-in-the-middle attacks via unspecified vectors.
CVSS Score
9.8
EPSS Score
0.003
Published
2017-02-07
CVE-2016-6495
NetApp Data ONTAP before 8.2.4P5, when operating in 7-Mode, allows remote attackers to obtain information about the volumes configured for HTTP access.
CVSS Score
5.9
EPSS Score
0.004
Published
2017-02-07


Products
Pricing
Contact Us

Shodan ® - All rights reserved