CVE-2017-15518

All versions of OnCommand API Services prior to 2.1 and NetApp Service Level Manager prior to 1.0RC4 log a privileged database user account password. All users are urged to move to a fixed version. Since the affected password is changed during every upgrade/installation no further action is required.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:netapp:oncommand_api_services:*:*:*:*:*:*:*:*
cpe:2.3:a:netapp:service_level_manager:*:*:*:*:*:*:*:*
cpe:2.3:a:netapp:service_level_manager:1.0:rc1:*:*:*:*:*:*
cpe:2.3:a:netapp:service_level_manager:1.0:rc2:*:*:*:*:*:*
cpe:2.3:a:netapp:service_level_manager:1.0:rc3:*:*:*:*:*:*

History

21 Nov 2024, 03:14

Type Values Removed Values Added
References () https://security.netapp.com/advisory/NTAP-20180223-0001/ - Vendor Advisory () https://security.netapp.com/advisory/NTAP-20180223-0001/ - Vendor Advisory

Information

Published : 2018-02-23 23:29

Updated : 2024-11-21 03:14


NVD link : CVE-2017-15518

Mitre link : CVE-2017-15518

CVE.ORG link : CVE-2017-15518


JSON object : View

Products Affected

netapp

  • service_level_manager
  • oncommand_api_services
CWE
CWE-200

Exposure of Sensitive Information to an Unauthorized Actor