CVE-2018-5488

NetApp SANtricity Web Services Proxy versions 1.10.x000.0002 through 2.12.X000.0002 and SANtricity Storage Manager 11.30.0X00.0004 through 11.42.0X00.0001 ship with the Java Management Extension Remote Method Invocation (JMX RMI) service bound to the network, and are susceptible to unauthenticated remote code execution.
References
Link Resource
https://security.netapp.com/advisory/ntap-20180612-0001/ Vendor Advisory
http://www.securityfocus.com/bid/104462 Third Party Advisory VDB Entry
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

OR cpe:2.3:a:netapp:santricity_storage_manager:*:*:*:*:*:*:*:*
cpe:2.3:a:netapp:santricity_web_services_proxy:*:*:*:*:*:*:*:*

Information

Published : 2018-06-13 13:29

Updated : 2018-08-11 10:54


NVD link : CVE-2018-5488

Mitre link : CVE-2018-5488


JSON object : View

CWE
CWE-20

Improper Input Validation

Advertisement

dedicated server usa

Products Affected

netapp

  • santricity_web_services_proxy
  • santricity_storage_manager