Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

netapp ontap mediator vulnerabilities and exploits

(subscribe to this query)
5.3
CVSSv3
CVE-2023-27319
ONTAP Mediator versions before 1.7 are susceptible to a vulnerability that can allow an unauthenticated malicious user to enumerate URLs via REST API.
Netapp Ontap Mediator
7.5
CVSSv3
CVE-2022-1678
An issue exists in the Linux Kernel from 4.18 to 4.19, an improper update of sock reference in TCP pacing can lead to memory/netns leak, which can be used by remote clients.
Linux Linux KernelNetapp Element Software -Netapp Storagegrid -Netapp Solidfire -Netapp Hci Management Node -Netapp Active Iq Unified Manager -Netapp Cloud Volumes Ontap Mediator -Netapp E-series Santricity Os ControllerNetapp Bootstrap Os -Netapp H300s Firmware -Netapp H500s Firmware -Netapp H700s Firmware -Netapp H300e Firmware -Netapp H500e Firmware -Netapp H700e Firmware -Netapp H410s Firmware -Netapp H410c Firmware -
7.5
CVSSv3
CVE-2022-0778
The BN_mod_sqrt() function, which computes a modular square root, contains a bug that can cause it to loop forever for non-prime moduli. Internally this function is used when parsing certificates that contain elliptic curve public keys in compressed form or explicit elliptic curv...
Openssl OpensslDebian Debian Linux 9.0Debian Debian Linux 10.0Debian Debian Linux 11.0Netapp Santricity Smi-s Provider -Netapp Storagegrid -Netapp Clustered Data Ontap -Netapp Clustered Data Ontap Antivirus Connector -Netapp Cloud Volumes Ontap Mediator -Netapp A250 Firmware -Netapp 500f Firmware -Fedoraproject Fedora 34Fedoraproject Fedora 36Tenable NessusMariadb MariadbNodejs Node.js
5.9
CVSSv3
CVE-2020-36516
An issue exists in the Linux kernel up to and including 5.16.11. The mixed IPID assignment method with the hash-based IPID assignment policy allows an off-path malicious user to inject data into a victim's TCP session or terminate that session.
Linux Linux KernelNetapp Solidfire \\& Hci Management Node -Netapp Cloud Volumes Ontap Mediator -Netapp Solidfire\\, Enterprise Sds \\& Hci Storage Node -Netapp E-series Santricity Os ControllerNetapp H300s Firmware -Netapp H500s Firmware -Netapp H700s Firmware -Netapp H300e Firmware -Netapp H500e Firmware -Netapp H700e Firmware -Netapp H410s Firmware -Netapp H410c Firmware -Netapp H610c Firmware -Netapp H615c Firmware -Netapp H610s Firmware -Netapp Bootstrap Os -
5.9
CVSSv3
CVE-2021-3449
An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signature_algorithms extension (where it was present in the initial ClientHello), but includes a signature_algorithms_ce...
Openssl OpensslDebian Debian Linux 9.0Debian Debian Linux 10.0Freebsd Freebsd 12.2Netapp Santricity Smi-s Provider -Netapp Snapcenter -Netapp Oncommand Workflow Automation -Netapp Storagegrid -Netapp Oncommand Insight -Netapp Ontap Select Deploy Administration Utility -Netapp Active Iq Unified Manager -Netapp Cloud Volumes Ontap Mediator -Netapp E-series Performance Analyzer -Tenable Tenable.scTenable NessusTenable Nessus Network Monitor 5.11.1Tenable Nessus Network Monitor 5.12.0Tenable Nessus Network Monitor 5.12.1Tenable Nessus Network Monitor 5.13.0Tenable Nessus Network Monitor 5.11.0Tenable Log Correlation EngineFedoraproject Fedora 34
7.4
CVSSv3
CVE-2021-3450
The X509_V_FLAG_X509_STRICT flag enables additional security checks of the certificates present in a certificate chain. It is not set by default. Starting from OpenSSL version 1.1.1h a check to disallow certificates in the chain that have explicitly encoded elliptic curve paramet...
Openssl OpensslFreebsd Freebsd 12.2Netapp Santricity Smi-s Provider Firmware -Netapp Storagegrid Firmware -Windriver Linux -Windriver Linux 18.0Windriver Linux 19.0Windriver Linux 17.0Netapp Oncommand Workflow Automation -Netapp Storagegrid -Netapp Ontap Select Deploy Administration Utility -Netapp Cloud Volumes Ontap Mediator -Fedoraproject Fedora 34Tenable Nessus AgentTenable NessusTenable Nessus Network Monitor 5.11.1Tenable Nessus Network Monitor 5.12.0Tenable Nessus Network Monitor 5.12.1Tenable Nessus Network Monitor 5.13.0Tenable Nessus Network Monitor 5.11.0Oracle Jd Edwards World Security A9.4Oracle Weblogic Server 12.2.1.4.0
3.7
CVSSv3
CVE-2020-16166
The Linux kernel up to and including 5.7.11 allows remote malicious users to make observations that help to obtain sensitive information about the internal state of the network RNG, aka CID-f227e3ec3b5c. This is related to drivers/char/random.c and kernel/time/timer.c.
Linux Linux KernelOpensuse Leap 15.1Opensuse Leap 15.2Fedoraproject Fedora 31Fedoraproject Fedora 32Debian Debian Linux 9.0Canonical Ubuntu Linux 16.04Canonical Ubuntu Linux 18.04Canonical Ubuntu Linux 14.04Canonical Ubuntu Linux 20.04Netapp Steelstore Cloud Integrated Storage -Netapp Active Iq Unified ManagerNetapp Solidfire -Netapp Hci Management Node -Netapp Cloud Volumes Ontap Mediator -Netapp E-series Santricity Os ControllerNetapp Hci Bootstrap Os -Netapp StoragegridNetapp H410c Firmware -Oracle Sd-wan Edge 8.2
7.5
CVSSv3
CVE-2019-20907
In Lib/tarfile.py in Python up to and including 3.8.3, an attacker is able to craft a TAR archive leading to an infinite loop when opened by tarfile.open, because _proc_pax lacks header validation.
Python PythonOpensuse Leap 15.1Opensuse Leap 15.2Debian Debian Linux 9.0Fedoraproject Fedora 31Fedoraproject Fedora 32Canonical Ubuntu Linux 16.04Canonical Ubuntu Linux 12.04Canonical Ubuntu Linux 18.04Canonical Ubuntu Linux 14.04Canonical Ubuntu Linux 20.04Netapp Active Iq Unified ManagerNetapp Cloud Volumes Ontap Mediator -Oracle Zfs Storage Appliance Kit 8.8
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
encryptionCVE-2024-4331CVE-2024-26925arbitrary codeCVE-2006-4304CVE-2024-25458CVE-2024-27077reflected XSSCVE-2024-4059
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook