Skip to main content

Snapdrive CVE-2015-8544

HIGH
Information Exposure (CWE-200)
2017-02-07 cve@mitre.org
7.5
CVSS 3.0 · NVD
Share

Severity by source

NVD PRIMARY
7.5 HIGH
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
None
Availability
None

Lifecycle Timeline

1
CVE Published
Feb 07, 2017 - 17:59 cve.org
HIGH 7.5

DescriptionCVE.org

NetApp SnapDrive for Windows before 7.0.2P4, 7.0.3, and 7.1 before 7.1.3P1 allows remote attackers to obtain sensitive information via unspecified vectors.

AnalysisAI

NetApp SnapDrive for Windows before 7.0.2P4, 7.0.3, and 7.1 before 7.1.3P1 allows remote attackers to obtain sensitive information via unspecified vectors. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Technical ContextAI

This vulnerability is classified as Exposure of Sensitive Information (CWE-200), which allows attackers to access sensitive data that should not be disclosed. NetApp SnapDrive for Windows before 7.0.2P4, 7.0.3, and 7.1 before 7.1.3P1 allows remote attackers to obtain sensitive information via unspecified vectors. Affected products include: Netapp Snapdrive. Version information: before 7.0.2.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Minimize information in error messages, implement proper access controls, encrypt sensitive data at rest and in transit.

CVE-2016-8610 HIGH
7.5 Nov 13

A denial of service flaw was found in OpenSSL 0.9.8, 1.0.1, 1.0.2 through 1.0.2h, and 1.1.0 in the way the TLS/SSL proto

CVE-2018-18314 CRITICAL POC
9.8 Dec 07

Perl before 5.26.3 has a buffer overflow via a crafted regular expression that triggers invalid write operations. Rated

CVE-2018-18312 CRITICAL POC
9.8 Dec 05

Perl before 5.26.3 and 5.28.0 before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid

CVE-2018-18313 CRITICAL POC
9.1 Dec 07

Perl before 5.26.3 has a buffer over-read via a crafted regular expression that triggers disclosure of sensitive informa

CVE-2015-8960 HIGH POC
8.1 Sep 21

The TLS protocol 1.2 and earlier supports the rsa_fixed_dh, dss_fixed_dh, rsa_fixed_ecdh, and ecdsa_fixed_ecdh values fo

CVE-2018-12015 HIGH POC
7.5 Jun 07

In Perl through 5.26.2, the Archive::Tar module allows remote attackers to bypass a directory-traversal protection mecha

CVE-2022-29824 MEDIUM POC
6.5 May 03

In libxml2 before 2.9.14, several buffer handling functions in buf.c (xmlBuf*) and tree.c (xmlBuffer*) don't check for i

CVE-2020-24977 MEDIUM POC
6.5 Sep 04

GNOME project libxml2 v2.9.10 has a global buffer over-read vulnerability in xmlEncodeEntitiesInternal at libxml2/entiti

CVE-2021-3518 HIGH
8.8 May 18

There's a flaw in libxml2 in versions before 2.9.11. Rated high severity (CVSS 8.8), this vulnerability is remotely expl

CVE-2021-3517 HIGH
8.6 May 19

There is a flaw in the xml entity encoding functionality of libxml2 in versions before 2.9.11. Rated high severity (CVSS

CVE-2022-23308 HIGH
7.5 Feb 26

valid.c in libxml2 before 2.9.13 has a use-after-free of ID and IDREF attributes. Rated high severity (CVSS 7.5), this v

CVE-2020-7595 HIGH
7.5 Jan 21

xmlStringLenDecodeEntities in parser.c in libxml2 2.9.10 has an infinite loop in a certain end-of-file situation. Rated

Share

CVE-2015-8544 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy