Known Vulnerabilities for Nas Os by Seagate
Listed below are 10 of the newest known vulnerabilities associated with "Nas Os" by "Seagate".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2018-12304 json | Cross-site scripting in Application Manager in Seagate NAS OS version 4.3.15.1 allows attackers to execute JavaScript via mul... | 6.1 - MEDIUM | 2019-05-13 | 2019-05-13 |
| CVE-2018-12303 json | Cross-site scripting in filebrowser in Seagate NAS OS version 4.3.15.1 allows attackers to execute JavaScript via directory n... | 5.4 - MEDIUM | 2019-05-13 | 2019-05-13 |
| CVE-2018-12302 json | Missing HTTPOnly flag on session cookies in the Seagate NAS OS version 4.3.15.1 web application allows attackers to steal ses... | 6.1 - MEDIUM | 2019-05-13 | 2019-05-13 |
| CVE-2018-12301 json | Unvalidated URL in Download Manager in Seagate NAS OS version 4.3.15.1 allows attackers to access the loopback interface via ... | 7.5 - HIGH | 2019-05-13 | 2019-05-13 |
| CVE-2018-12300 json | Arbitrary Redirect in echo-server.html in Seagate NAS OS version 4.3.15.1 allows attackers to disclose information in the Ref... | 6.1 - MEDIUM | 2019-05-13 | 2019-05-13 |
| CVE-2018-12299 json | Cross-site scripting in filebrowser in Seagate NAS OS version 4.3.15.1 allows attackers to execute JavaScript via uploaded fi... | 5.4 - MEDIUM | 2019-05-13 | 2019-05-13 |
| CVE-2018-12298 json | Directory Traversal in filebrowser in Seagate NAS OS 4.3.15.1 allows attackers to read files within the application's contain... | 7.5 - HIGH | 2019-05-13 | 2019-05-13 |
| CVE-2018-12297 json | Cross-site scripting in API error pages in Seagate NAS OS version 4.3.15.1 allows attackers to execute JavaScript via URL pat... | 6.1 - MEDIUM | 2019-05-13 | 2019-05-13 |
| CVE-2018-12296 json | Insufficient access control in /api/external/7.0/system.System.get_infos in Seagate NAS OS version 4.3.15.1 allows attackers ... | 7.5 - HIGH | 2019-05-13 | 2019-10-03 |
| CVE-2018-12295 json | SQL injection in folderViewSpecific.psp in Seagate NAS OS version 4.3.15.1 allows attackers to execute arbitrary SQL commands... | 9.8 - CRITICAL | 2019-05-13 | 2019-05-13 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Operating System | Seagate | Nas Os | 4.3.19.6 | |||
| Operating System | Seagate | Nas Os | 4.3.18.6 | |||
| Operating System | Seagate | Nas Os | 4.3.17.0 | |||
| Operating System | Seagate | Nas Os | 4.3.16.0 | |||
| Operating System | Seagate | Nas Os | 4.3.15.1 | |||
| Operating System | Seagate | Nas Os | 4.3.14.3 | |||
| Operating System | Seagate | Nas Os | 4.2.8.8 | |||
| Operating System | Seagate | Nas Os | 4.2.12.0 | |||
| Operating System | Seagate | Nas Os | 4.2.11.1 | |||
| Operating System | Seagate | Nas Os | 4.2.10.0 | |||
| Operating System | Seagate | Nas Os | 4.1.9.2 | |||
| Operating System | Seagate | Nas Os | 4.1.9.1 | |||
| Operating System | Seagate | Nas Os | 4.0.9.4 | |||
| Operating System | Seagate | Nas Os | 4.0.9.3 | |||
| Operating System | Seagate | Nas Os | 4.0.9.2 | |||
| Operating System | Seagate | Nas Os | 4.0.15.0 | |||
| Operating System | Seagate | Nas Os | 4.0.14.1 | |||
| Operating System | Seagate | Nas Os | 4.0.12.7 | |||
| Operating System | Seagate | Nas Os | 4.0.12.4 |