Design/Logic Flaw

2019-09-1016:15:00

PRIOn knowledge base

www.prio-n.com

4.9 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

35.9%

JSON

OnCommand Workflow Automation versions prior to 5.0 shipped without certain HTTP Security headers configured which could allow an attacker to obtain sensitive information via unspecified vectors.

CPENameOperatorVersion
oncommand_workflow_automationeq5.0

CPE	Name	Operator	Version
	oncommand_workflow_automation	eq	5.0

References

security.netapp.com/advisory/ntap-20190909-0001/