Vulnerabilites related to NetApp - OnCommand Unified Manager for VMware vSphere,Linux and Windows 7.2 and above
cve-2019-5495
Vulnerability from cvelistv5
Published
2019-05-10 19:12
Modified
2024-08-04 19:54
Severity ?
EPSS score ?
Summary
OnCommand Unified Manager for VMware vSphere, Linux and Windows prior to 9.5 shipped without certain HTTP Security headers configured which could allow an attacker to obtain sensitive information via unspecified vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| https://security.netapp.com/advisory/ntap-20190509-0007/ | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | NetApp | OnCommand Unified Manager for VMware vSphere,Linux and Windows 7.2 and above |
Version: Versions prior to 9.5 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T19:54:53.487Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20190509-0007/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "OnCommand Unified Manager for VMware vSphere,Linux and Windows 7.2 and above",
"vendor": "NetApp",
"versions": [
{
"status": "affected",
"version": "Versions prior to 9.5"
}
]
}
],
"datePublic": "2019-05-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "OnCommand Unified Manager for VMware vSphere, Linux and Windows prior to 9.5 shipped without certain HTTP Security headers configured which could allow an attacker to obtain sensitive information via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information Disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-05-10T20:37:20",
"orgId": "11fdca00-0482-4c88-a206-37f9c182c87d",
"shortName": "netapp"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20190509-0007/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-alert@netapp.com",
"ID": "CVE-2019-5495",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "OnCommand Unified Manager for VMware vSphere,Linux and Windows 7.2 and above",
"version": {
"version_data": [
{
"version_value": "Versions prior to 9.5"
}
]
}
}
]
},
"vendor_name": "NetApp"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "OnCommand Unified Manager for VMware vSphere, Linux and Windows prior to 9.5 shipped without certain HTTP Security headers configured which could allow an attacker to obtain sensitive information via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://security.netapp.com/advisory/ntap-20190509-0007/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20190509-0007/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "11fdca00-0482-4c88-a206-37f9c182c87d",
"assignerShortName": "netapp",
"cveId": "CVE-2019-5495",
"datePublished": "2019-05-10T19:12:23",
"dateReserved": "2019-01-07T00:00:00",
"dateUpdated": "2024-08-04T19:54:53.487Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}