Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
netapp ontap 9 - vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-27314
ONTAP 9 versions before 9.8P19, 9.9.1P16, 9.10.1P12, 9.11.1P8, 9.12.1P2 and 9.13.1 are susceptible to a vulnerability which could allow a remote unauthenticated malicious user to cause a crash of the HTTP service.
Netapp Clustered Data Ontap 9.9.1
Netapp Clustered Data Ontap 9.8
Netapp Clustered Data Ontap 9.10.0
Netapp Clustered Data Ontap 9.10.1
Netapp Clustered Data Ontap 9.12.0
Netapp Clustered Data Ontap 9.13.0
Netapp Clustered Data Ontap
187
VMScore
CVE-2021-27001
Clustered Data ONTAP versions 9.x before 9.5P18, 9.6P16, 9.7P16, 9.8P7 and 9.9.1P2 are susceptible to a vulnerability which could allow an authenticated privileged local malicious user to arbitrarily modify Compliance-mode WORM data prior to the end of the retention period.
Netapp Clustered Data Ontap 9.6
Netapp Clustered Data Ontap 9.5
Netapp Clustered Data Ontap 9.7
Netapp Clustered Data Ontap 9.8
Netapp Clustered Data Ontap
Netapp Clustered Data Ontap 9.9.1
NA
CVE-2024-21985
ONTAP 9 versions before 9.9.1P18, 9.10.1P16, 9.11.1P13, 9.12.1P10 and 9.13.1P4 are susceptible to a vulnerability which could allow an authenticated user with multiple remote accounts with differing roles to perform actions via REST API beyond their intended privilege. Possible a...
Netapp Clustered Data Ontap 9.9.1
Netapp Clustered Data Ontap 9.10.1
Netapp Clustered Data Ontap
Netapp Clustered Data Ontap 9.11.1
Netapp Clustered Data Ontap 9.12.1
Netapp Clustered Data Ontap 9.13.1
151
VMScore
CVE-2021-27004
System Manager 9.x versions 9.7 and higher before 9.7P16, 9.8P7 and 9.9.1P2 are susceptible to a vulnerability which could allow a local malicious user to discover plaintext iSCSI CHAP credentials.
Netapp Ontap System Manager 9.7
Netapp Ontap System Manager 9.8
Netapp Ontap System Manager
Netapp Ontap System Manager 9.9.12
NA
CVE-2023-27317
ONTAP 9 versions 9.12.1P8, 9.13.1P4, and 9.13.1P5 are susceptible to a vulnerability which will cause all SAS-attached FIPS 140-2 drives to become unlocked after a system reboot or power cycle or a single SAS-attached FIPS 140-2 drive to become unlocked after reinsertion. This co...
Netapp Ontap 9.12.1
Netapp Ontap 9.13.1
356
VMScore
CVE-2017-14583
NetApp Clustered Data ONTAP versions 9.x before 9.1P10 and 9.2P2 are susceptible to a vulnerability which allows an malicious user to cause a Denial of Service (DoS) in SMB environments.
Netapp Clustered Data Ontap 9.2
Netapp Clustered Data Ontap
NA
CVE-2023-27535
An authentication bypass vulnerability exists in libcurl <8.0.0 in the FTP connection reuse feature that can result in wrong credentials being used during subsequent transfers. Previously created connections are kept in a connection pool for reuse if they match the current set...
Haxx Libcurl
Fedoraproject Fedora 36
Debian Debian Linux 10.0
Netapp Active Iq Unified Manager -
Netapp Ontap 9 -
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H410s Firmware -
Splunk Universal Forwarder 9.1.0
Splunk Universal Forwarder
NA
CVE-2023-27536
An authentication bypass vulnerability exists libcurl <8.0.0 in the connection reuse feature which can reuse previously established connections with incorrect user permissions due to a failure to check for changes in the CURLOPT_GSSAPI_DELEGATION option. This vulnerability aff...
Haxx Libcurl
Fedoraproject Fedora 36
Debian Debian Linux 10.0
Netapp Active Iq Unified Manager -
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H410s Firmware -
Netapp Ontap 9
Splunk Universal Forwarder 9.1.0
Splunk Universal Forwarder
NA
CVE-2022-42915
curl prior to 7.86.0 has a double free. If curl is told to use an HTTP proxy for a transfer with a non-HTTP(S) URL, it sets up the connection to the remote server by issuing a CONNECT request to the proxy, and then tunnels the rest of the protocol through. An HTTP proxy might ref...
Haxx Curl
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Fedoraproject Fedora 37
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H410s Firmware -
Netapp Ontap 9 -
Apple Macos
Splunk Universal Forwarder 9.1.0
Splunk Universal Forwarder
516
VMScore
CVE-2017-10293
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Javadoc). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Java SE. Succ...
Oracle Jdk 1.9.0
Oracle Jre 1.9.0
Oracle Jdk 1.8.0
Oracle Jdk 1.7.0
Oracle Jdk 1.6.0
Oracle Jre 1.6.0
Oracle Jre 1.8.0
Oracle Jre 1.7.0
Netapp Cloud Backup -
Netapp Oncommand Balance -
Netapp Element Software -
Netapp Steelstore Cloud Integrated Storage -
Netapp Snapmanager -
Netapp Oncommand Workflow Automation -
Netapp Oncommand Insight -
Netapp Virtual Storage Console
Netapp E-series Santricity Storage Manager -
Netapp Oncommand Unified Manager -
Netapp Active Iq Unified Manager
Netapp Vasa Provider For Clustered Data Ontap
Netapp E-series Santricity Management Plug-ins -
Netapp Oncommand Shift -
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »