CVE-2019-5492
HIGHElement Plug-in for vCenter Server <4.2.3 - Info Disclosure
Title source: llmDescription
Element Plug-in for vCenter Server versions prior to 4.2.3 may disclose sensitive account information to an unauthenticated attacker. NetApp HCI Compute Node versions prior to 1.4P2 bundle affected versions of Element Plug-in for vCenter Server.
References (2)
Core 2
Core References
Vendor Advisory x_refsource_confirm
https://security.netapp.com/advisory/ntap-20190426-0001/
Third Party Advisory vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/108105
Scores
CVSS v3
7.5
EPSS
0.0046
EPSS Percentile
64.1%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Details
Status
published
Products (2)
netapp/element_plug-in_for_vcenter_server
< 4.2.3
netapp/hyper_converged_infrastructure_compute_node
< 1.4
Published
Apr 29, 2019
Tracked Since
Feb 18, 2026