All versions of OnCommand API Services prior to 2.1 and NetApp Service Level Manager prior to 1.0RC4 log a privileged database user account password. All users are urged to move to a fixed version. Since the affected password is changed during every upgrade/installation no further action is required.
References
Link | Resource |
---|---|
https://security.netapp.com/advisory/NTAP-20180223-0001/ | Vendor Advisory |
https://security.netapp.com/advisory/NTAP-20180223-0001/ | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 03:14
Type | Values Removed | Values Added |
---|---|---|
References | () https://security.netapp.com/advisory/NTAP-20180223-0001/ - Vendor Advisory |
Information
Published : 2018-02-23 23:29
Updated : 2024-11-21 03:14
NVD link : CVE-2017-15518
Mitre link : CVE-2017-15518
CVE.ORG link : CVE-2017-15518
JSON object : View
Products Affected
netapp
- service_level_manager
- oncommand_api_services
CWE
CWE-200
Exposure of Sensitive Information to an Unauthorized Actor