Shodan
Vulnerabilities
Vulnerable Software
Netapp:  Security Vulnerabilities
CVE-2014-9354
NetApp OnCommand Balance before 4.2P3 allows local users to obtain sensitive information via unspecified vectors related to cleartext storage.
CVSS Score
4.0
EPSS Score
0.002
Published
2015-02-06
CVE-2014-9353
NetApp OnCommand Balance before 4.2P2 contains a "default privileged account," which allows remote attackers to gain privileges via unspecified vectors.
CVSS Score
10.0
EPSS Score
0.013
Published
2015-02-06
CVE-2010-5312
Cross-site scripting (XSS) vulnerability in jquery.ui.dialog.js in the Dialog widget in jQuery UI before 1.10.0 allows remote attackers to inject arbitrary web script or HTML via the title option.
CVSS Score
6.1
EPSS Score
0.059
Published
2014-11-24
CVE-2010-1871
Known exploited
JBoss Seam 2 (jboss-seam2), as used in JBoss Enterprise Application Platform 4.3.0 for Red Hat Linux, does not properly sanitize inputs for JBoss Expression Language (EL) expressions, which allows remote attackers to execute arbitrary code via a crafted URL. NOTE: this is only a vulnerability when the Java Security Manager is not properly configured.
CVSS Score
8.8
EPSS Score
0.936
Published
2010-08-05
CVE-2008-3349
Multiple unspecified vulnerabilities in NetApp Data ONTAP, as used on NetApp and IBM eServer platforms, allow remote attackers to execute arbitrary commands, cause a denial of service (system crash), or obtain sensitive information, probably related to insufficient access control for HTTP requests. NOTE: this may overlap CVE-2008-3160.
CVSS Score
10.0
EPSS Score
0.044
Published
2008-07-28
CVE-2007-2768
OpenSSH, when using OPIE (One-Time Passwords in Everything) for PAM, allows remote attackers to determine the existence of certain user accounts, which displays a different response if the user account exists and is configured to use one-time passwords (OTP), a similar issue to CVE-2007-2243.
CVSS Score
4.3
EPSS Score
0.002
Published
2007-05-21
CVE-2007-2379
The jQuery framework exchanges data using JavaScript Object Notation (JSON) without an associated protection scheme, which allows remote attackers to obtain the data via a web page that retrieves the data through a URL in the SRC attribute of a SCRIPT element and captures the data using other JavaScript code, aka "JavaScript Hijacking."
CVSS Score
5.0
EPSS Score
0.013
Published
2007-04-30


Products
Pricing
Contact Us

Shodan ® - All rights reserved