| |
Vulnerability CVE-2019-5495
Published: 2019-05-10
Description: |
OnCommand Unified Manager for VMware vSphere, Linux and Windows prior to 9.5 shipped without certain HTTP Security headers configured which could allow an attacker to obtain sensitive information via unspecified vectors. |
Type:
CWE-254 (Security Features)
CVSS2 => (AV:N/AC:L/Au:N/C:P/I:N/A:N)
CVSS Base Score |
Impact Subscore |
Exploitability Subscore |
5/10 |
2.9/10 |
10/10 |
Exploit range |
Attack complexity |
Authentication |
Remote |
Low |
No required |
Confidentiality impact |
Integrity impact |
Availability impact |
Partial |
None |
None |
References: |
https://security.netapp.com/advisory/ntap-20190509-0007/
|
|
|
Copyright 2024, cxsecurity.com
|
|
|