Skip to main content

Metrocluster Tiebreaker

3 CVEs product

Monthly

CVE-2022-22968 Maven MEDIUM PATCH This Month

In Spring Framework versions 5.3.0 - 5.3.18, 5.2.0 - 5.2.20, and older unsupported versions, the patterns for disallowedFields on a DataBinder are case sensitive which means a field is not. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Java Information Disclosure Spring Framework Active Iq Unified Manager Cloud Secure Agent +4
NVD
CVSS 3.1
5.3
EPSS
5.7%
CVE-2021-22096 Maven MEDIUM PATCH This Month

In Spring Framework versions 5.3.0 - 5.3.10, 5.2.0 - 5.2.17, and older unsupported versions, it is possible for a user to provide malicious input to cause the insertion of additional log entries. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Java Spring Framework Active Iq Unified Manager Management Services For Element Software And Netapp Hci +5
NVD
CVSS 3.1
4.3
EPSS
1.3%
CVE-2016-6820 HIGH PATCH This Week

MetroCluster Tiebreaker for clustered Data ONTAP in versions before 1.2 discloses sensitive information in cleartext which may be viewed by an unauthenticated user. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Metrocluster Tiebreaker
NVD
CVSS 3.0
7.5
EPSS
0.4%
EPSS 6% CVSS 5.3
MEDIUM PATCH This Month

In Spring Framework versions 5.3.0 - 5.3.18, 5.2.0 - 5.2.20, and older unsupported versions, the patterns for disallowedFields on a DataBinder are case sensitive which means a field is not. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Java Information Disclosure Spring Framework +6
NVD
EPSS 1% CVSS 4.3
MEDIUM PATCH This Month

In Spring Framework versions 5.3.0 - 5.3.10, 5.2.0 - 5.2.17, and older unsupported versions, it is possible for a user to provide malicious input to cause the insertion of additional log entries. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Java Spring Framework +7
NVD
EPSS 0% CVSS 7.5
HIGH PATCH This Week

MetroCluster Tiebreaker for clustered Data ONTAP in versions before 1.2 discloses sensitive information in cleartext which may be viewed by an unauthenticated user. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Metrocluster Tiebreaker
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy