CVE-2017-15518

All versions of OnCommand API Services prior to 2.1 and NetApp Service Level Manager prior to 1.0RC4 log a privileged database user account password. All users are urged to move to a fixed version. Since the affected password is changed during every upgrade/installation no further action is required.
References
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:netapp:oncommand_api_services:*:*:*:*:*:*:*:*
cpe:2.3:a:netapp:service_level_manager:1.0:rc1:*:*:*:*:*:*
cpe:2.3:a:netapp:service_level_manager:1.0:rc2:*:*:*:*:*:*
cpe:2.3:a:netapp:service_level_manager:1.0:rc3:*:*:*:*:*:*
cpe:2.3:a:netapp:service_level_manager:*:*:*:*:*:*:*:*

History

11 May 2021, 18:22

Type Values Removed Values Added
CPE cpe:2.3:a:netapp:oncommand_api:*:*:*:*:*:*:*:* cpe:2.3:a:netapp:oncommand_api_services:*:*:*:*:*:*:*:*

Information

Published : 2018-02-23 23:29

Updated : 2021-05-11 18:22


NVD link : CVE-2017-15518

Mitre link : CVE-2017-15518


JSON object : View

Products Affected

netapp

  • service_level_manager
  • oncommand_api_services
CWE
CWE-200

Exposure of Sensitive Information to an Unauthorized Actor