聚合 NVD、CVE 及多源情报,深度解析 RCE 等高危风险。系统集成 CVSS 与 EPSS 模型,动态追踪 Exploit 资源与 PoC 公开状态,研判可利用性。结合官方补丁与修复方案,优化漏洞管理优先级,缩短响应周期,保障资产安全。
分配机构(CNA / 来源):[email protected] 移除此筛选
| CVE | 描述 | 最高 CVSS | EPSS % | 公开时间 | 更新时间 |
|---|---|---|---|---|---|
| CVE-2016-6904 | Versions of VASA Provider for Clustered Data ONTAP prior to 7.0P1 contain a web server that accepts plain text authentication. This could allow an unauthenticated attacker to obtain authentication credentials. | 8.1 | 1.18% | 2017-12-11 | 2026-06-16 |
| CVE-2017-11461 | NetApp OnCommand Unified Manager for 7-mode (core package) versions prior to 5.2.1 are susceptible to a clickjacking or "UI redress attack" which could be used to cause a user to perform an unintended action in the user interface. | 4.3 | 1.02% | 2017-11-09 | 2026-06-16 |
| CVE-2017-15514 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none | 无 | 0.24% | 2020-05-08 | 2023-11-06 |
| CVE-2017-15515 | NetApp SnapCenter Server prior to 4.0 is susceptible to cross site scripting vulnerability that could allow a privileged user to inject arbitrary scripts into the custom secondary policy label field. | 4.8 | 0.69% | 2019-03-04 | 2026-06-16 |
| CVE-2017-15516 | NetApp SnapCenter Server versions 1.1 through 2.x are susceptible to a Cross-Site Request Forgery (CSRF) vulnerability which could be used to cause an unintended authenticated action in the user interface. | 8.8 | 0.56% | 2017-11-16 | 2026-06-16 |
| CVE-2017-15517 | AltaVault OST Plug-in versions prior to 1.2.2 may allow attackers to obtain sensitive information via unspecified vectors. All users are urged to move to a fixed version and change passwords used by Veritas NetBackup to access the OST shares on the NetApp AltaVault as a precaution. | 5.5 | 0.37% | 2017-11-16 | 2026-06-16 |
| CVE-2017-15518 | All versions of OnCommand API Services prior to 2.1 and NetApp Service Level Manager prior to 1.0RC4 log a privileged database user account password. All users are urged to move to a fixed version. Since the affected password is changed during every upgrade/installation no further action is required. | 7.8 | 0.34% | 2018-02-23 | 2026-06-16 |
| CVE-2017-15519 | Versions of SnapCenter 2.0 through 3.0.1 allow unauthenticated remote attackers to view and modify backup related data via the Plug-in for NAS File Services. All users are urged to move to version 3.0.1 and perform the mitigation steps or upgrade to 4.0 following the product documentation. | 7.2 | 1.20% | 2018-03-06 | 2026-06-16 |
| CVE-2017-15520 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2017. Notes: none | 无 | 0.27% | 2018-01-18 | 2023-11-06 |
| CVE-2017-15521 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2017. Notes: none | 无 | 0.27% | 2018-01-18 | 2023-11-06 |
| CVE-2017-15522 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2017. Notes: none | 无 | 0.27% | 2018-01-18 | 2023-11-06 |
| CVE-2017-15523 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2017. Notes: none | 无 | 0.27% | 2018-01-18 | 2023-11-06 |
| CVE-2017-7568 | NetApp OnCommand Unified Manager for 7-Mode (core package) versions prior to 5.2.3 may disclose sensitive LDAP account information to authenticated users when the LDAP authentication configuration is tested via the user interface. | 5.3 | 1.37% | 2018-06-22 | 2026-06-16 |
| CVE-2018-5480 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none | 无 | 0.24% | 2020-05-08 | 2023-11-06 |
| CVE-2018-5481 | OnCommand Unified Manager for 7-Mode (core package) prior to 5.2.4 uses cookies that lack the secure attribute in certain circumstances making it vulnerable to impersonation via man-in-the-middle (MITM) attacks. | 7.4 | 0.65% | 2019-01-07 | 2026-06-16 |
| CVE-2018-5482 | NetApp SnapCenter Server prior to 4.1 does not set the secure flag for a sensitive cookie in an HTTPS session which can allow the transmission of the cookie in plain text over an unencrypted channel. | 5.3 | 0.93% | 2019-03-04 | 2026-06-16 |
| CVE-2018-5483 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none | 无 | 0.04% | 2022-08-25 | 2023-11-06 |
| CVE-2018-5484 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none | 无 | 0.24% | 2020-05-08 | 2023-11-06 |
| CVE-2018-5485 | NetApp OnCommand Unified Manager for Windows versions 7.2 through 7.3 are susceptible to a vulnerability which could lead to a privilege escalation attack. | 7.8 | 0.41% | 2018-05-24 | 2026-06-16 |
| CVE-2018-5486 | NetApp OnCommand Unified Manager for Linux versions 7.2 though 7.3 ship with the Java Debug Wire Protocol (JDWP) enabled which allows unauthorized local attackers to execute arbitrary code. | 7.8 | 0.40% | 2018-04-25 | 2026-06-16 |