PT-2018-5898 · Netapp · Netapp Service Level Manager+1

Published

2018-02-23

Updated

2021-05-11

CVE-2017-15518

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: OnCommand API Services versions prior to 2.1 NetApp Service Level Manager versions prior to 1.0RC4

Description: A security issue exists where privileged database user account passwords are logged. It is recommended that users upgrade to a fixed version to address this issue. The affected password is changed during every upgrade or installation, so no additional actions are required beyond updating.

Recommendations: For OnCommand API Services versions prior to 2.1, update to version 2.1 or later. For NetApp Service Level Manager versions prior to 1.0RC4, update to version 1.0RC4 or later.

Fix

Information Disclosure

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-200

Related Identifiers

CVE-2017-15518

Affected Products

Netapp Service Level Manager

Oncommand Api Services

PT-2018-5898 · Netapp · Netapp Service Level Manager+1

CVE-2017-15518

Weakness Enumeration

Related Identifiers

Affected Products

References · 3