CVE-2015-3292 — HIGH (10.0)

Q: How severe is CVE-2015-3292?

CVE-2015-3292 has been rated HIGH with a CVSS base score of 10.0/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2015-3292?

Check the references section above for vendor advisories and patch information. Affected products include: Netapp Oncommand Workflow Automation.

Vulnerability Description

The installer in NetApp OnCommand Workflow Automation before 2.2.1P1 and 3.x before 3.0P1 sets up the Java Debugging Wire Protocol (JDWP) service, which allows remote attackers to execute arbitrary code via unspecified vectors.

CVSS Score

10.0

HIGH

AV:N/AC:L/Au:N/C:C/I:C/A:C

Confidentiality

COMPLETE

Integrity

COMPLETE

Availability

COMPLETE

Affected Products

Vendor	Product	Versions
Netapp	Oncommand Workflow Automation	<= 2.2.1

Related Weaknesses (CWE)

CWE-17

References

FAQ

What is CVE-2015-3292?

CVE-2015-3292 is a vulnerability with a CVSS score of 10.0 (HIGH). The installer in NetApp OnCommand Workflow Automation before 2.2.1P1 and 3.x before 3.0P1 sets up the Java Debugging Wire Protocol (JDWP) service, which allows remote attackers to execute arbitrary co...

How severe is CVE-2015-3292?

CVE-2015-3292 has been rated HIGH with a CVSS base score of 10.0/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2015-3292?

Check the references section above for vendor advisories and patch information. Affected products include: Netapp Oncommand Workflow Automation.