NetApp E Series Santricity Web Services
By the Year
In 2020 there have been 1 vulnerability in NetApp E Series Santricity Web Services with an average score of 3.7 out of ten. Last year E Series Santricity Web Services had 1 security vulnerability published. At the current rates, it appears that the number of vulerabilities last year and this year may equal out. Last year, the average CVE base score was greater by 3.80
It may take a day or so for new E Series Santricity Web Services vulnerabilities to show up. Additionally vulnerabilities may be tagged under a different product or component name.
Latest NetApp E Series Santricity Web Services Security Vulnerabilities
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Networking)
3.7 - Low
- January 15, 2020
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Networking). Supported versions that are affected are Java SE: 7u241 and 8u231; Java SE Embedded: 8u231. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.0 Base Score 3.7 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L).
In Apache ActiveMQ 5.0.0 - 5.15.8
7.5 - High
- March 28, 2019
In Apache ActiveMQ 5.0.0 - 5.15.8, unmarshalling corrupt MQTT frame can lead to broker Out of Memory exception making it unresponsive.
Improper Control of Generation of Code ('Code Injection')