Known Vulnerabilities for Nas Os by Seagate
Listed below are 10 of the newest known vulnerabilities associated with "Nas Os" by "Seagate".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2018-12304 | Cross-site scripting in Application Manager in Seagate NAS OS version 4.3.15.1 allows attackers to execute JavaScript via mul... | 6.1 - MEDIUM | 2019-05-13 | 2019-05-13 |
| CVE-2018-12303 | Cross-site scripting in filebrowser in Seagate NAS OS version 4.3.15.1 allows attackers to execute JavaScript via directory n... | 5.4 - MEDIUM | 2019-05-13 | 2019-05-13 |
| CVE-2018-12302 | Missing HTTPOnly flag on session cookies in the Seagate NAS OS version 4.3.15.1 web application allows attackers to steal ses... | 6.1 - MEDIUM | 2019-05-13 | 2019-05-13 |
| CVE-2018-12301 | Unvalidated URL in Download Manager in Seagate NAS OS version 4.3.15.1 allows attackers to access the loopback interface via ... | 7.5 - HIGH | 2019-05-13 | 2019-05-13 |
| CVE-2018-12300 | Arbitrary Redirect in echo-server.html in Seagate NAS OS version 4.3.15.1 allows attackers to disclose information in the Ref... | 6.1 - MEDIUM | 2019-05-13 | 2019-05-13 |
| CVE-2018-12299 | Cross-site scripting in filebrowser in Seagate NAS OS version 4.3.15.1 allows attackers to execute JavaScript via uploaded fi... | 5.4 - MEDIUM | 2019-05-13 | 2019-05-13 |
| CVE-2018-12298 | Directory Traversal in filebrowser in Seagate NAS OS 4.3.15.1 allows attackers to read files within the application's contain... | 7.5 - HIGH | 2019-05-13 | 2019-05-13 |
| CVE-2018-12297 | Cross-site scripting in API error pages in Seagate NAS OS version 4.3.15.1 allows attackers to execute JavaScript via URL pat... | 6.1 - MEDIUM | 2019-05-13 | 2019-05-13 |
| CVE-2018-12296 | Insufficient access control in /api/external/7.0/system.System.get_infos in Seagate NAS OS version 4.3.15.1 allows attackers ... | 7.5 - HIGH | 2019-05-13 | 2019-10-03 |
| CVE-2018-12295 | SQL injection in folderViewSpecific.psp in Seagate NAS OS version 4.3.15.1 allows attackers to execute arbitrary SQL commands... | 9.8 - CRITICAL | 2019-05-13 | 2019-05-13 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Operating System | Seagate | Nas Os | 4.3.19.6 | |||
| Operating System | Seagate | Nas Os | 4.3.18.6 | |||
| Operating System | Seagate | Nas Os | 4.3.17.0 | |||
| Operating System | Seagate | Nas Os | 4.3.16.0 | |||
| Operating System | Seagate | Nas Os | 4.3.15.1 | |||
| Operating System | Seagate | Nas Os | 4.3.14.3 | |||
| Operating System | Seagate | Nas Os | 4.2.8.8 | |||
| Operating System | Seagate | Nas Os | 4.2.12.0 | |||
| Operating System | Seagate | Nas Os | 4.2.11.1 | |||
| Operating System | Seagate | Nas Os | 4.2.10.0 | |||
| Operating System | Seagate | Nas Os | 4.1.9.2 | |||
| Operating System | Seagate | Nas Os | 4.1.9.1 | |||
| Operating System | Seagate | Nas Os | 4.0.9.4 | |||
| Operating System | Seagate | Nas Os | 4.0.9.3 | |||
| Operating System | Seagate | Nas Os | 4.0.9.2 | |||
| Operating System | Seagate | Nas Os | 4.0.15.0 | |||
| Operating System | Seagate | Nas Os | 4.0.14.1 | |||
| Operating System | Seagate | Nas Os | 4.0.12.7 | |||
| Operating System | Seagate | Nas Os | 4.0.12.4 |