HIGH🇵🇱 Wersja polska

CVE-2015-3292

CVSS 10.0v2.0pub. 2015-05-31upd. 2026-05-06

The installer in NetApp OnCommand Workflow Automation before 2.2.1P1 and 3.x before 3.0P1 sets up the Java Debugging Wire Protocol (JDWP) service, which allows remote attackers to execute arbitrary code via unspecified vectors.

CVSS Vector
AV:N/AC:L/Au:N/C:C/I:C/A:C
  • Netapp Oncommand Workflow Automation

    APP
    Netapp
    3.0≤ 2.2.1
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
RCE
CWE
References

Related vulnerabilities

CVE-2016-3427CRITICAL9.8⚠ KEVten sam produkt

Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77; Java SE Embedded 8u77; and JRockit R28.3.9 ...

CVE-2024-28752CRITICAL9.3PL ✓ten sam produkt

SSRF w Apache CXF przez Aegis DataBinding — ataki na usługi webowe

CVE-2023-38545CRITICAL9.8ten sam produkt

This flaw makes curl overflow a heap based buffer in the SOCKS5 proxy handshake. When curl is asked to pass a...

CVE-2022-37434CRITICAL9.8ten sam produkt

zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large g...

CVE-2022-23852CRITICAL9.8ten sam produkt

Expat (aka libexpat) before 2.4.4 has a signed integer overflow in XML_GetBuffer, for configurations with a no...