Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
netapp storagegrid webscale - vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2018-5495
All StorageGRID Webscale versions are susceptible to a vulnerability which could permit an unauthenticated malicious user to communicate with systems on the same network as the StorageGRID Webscale Admin Node via HTTP or to take over services on the Admin Node.
Netapp Storagegrid Webscale -
7.5
CVSSv3
CVE-2023-27318
StorageGRID (formerly StorageGRID Webscale) versions 11.6.0 through 11.6.0.13 are susceptible to a Denial of Service (DoS) vulnerability. A successful exploit could lead to a crash of the Local Distribution Router (LDR) service.
Netapp Storagegrid
7.5
CVSSv3
CVE-2022-38734
StorageGRID (formerly StorageGRID Webscale) versions before 11.6.0.8 are susceptible to a Denial of Service (DoS) vulnerability. A successful exploit could lead to to a crash of the Local Distribution Router (LDR) service.
Netapp Storagegrid
7.5
CVSSv3
CVE-2022-23233
StorageGRID (formerly StorageGRID Webscale) versions before 11.6.0 are susceptible to a vulnerability which when successfully exploited could lead to Denial of Service (DoS) of the Local Distribution Router (LDR) service.
Netapp Storagegrid
7.5
CVSSv3
CVE-2020-8571
StorageGRID (formerly StorageGRID Webscale) versions 10.0.0 up to and including 11.3 before 11.2.0.8 and 11.3.0.4 are susceptible to a vulnerability which allows an unauthenticated remote malicious user to cause a Denial of Service (DoS).
Netapp Storagegrid
7.5
CVSSv3
CVE-2018-18066
snmp_oid_compare in snmplib/snmp_api.c in Net-SNMP prior to 5.8 has a NULL Pointer Exception bug that can be used by an unauthenticated malicious user to remotely cause the instance to crash via a crafted UDP packet, resulting in Denial of Service.
Net-snmp Net-snmp
Netapp Storagegrid Webscale -
Netapp Solidfire Element Os -
Netapp Hyper Converged Infrastructure -
Netapp Cloud Backup -
Netapp Data Ontap -
Netapp E-series Santricity Os Controller
6.5
CVSSv3
CVE-2022-23238
Linux deployments of StorageGRID (formerly StorageGRID Webscale) versions 11.6.0 up to and including 11.6.0.2 deployed with a Linux kernel version less than 4.7.0 are susceptible to a vulnerability which could allow a remote unauthenticated malicious user to view limited metrics ...
Netapp Storagegrid
6.5
CVSSv3
CVE-2018-19039
Grafana prior to 4.6.5 and 5.x prior to 5.3.3 allows remote authenticated users to read arbitrary files by leveraging Editor or Admin permissions.
Grafana Grafana
Redhat Enterprise Linux Workstation 7.0
Redhat Ceph Storage 3.0
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Server 7.0
Netapp Active Iq Performance Analytics Services -
Netapp Storagegrid Webscale Nas Bridge -
6.5
CVSSv3
CVE-2018-18065
_set_key in agent/helpers/table_container.c in Net-SNMP prior to 5.8 has a NULL Pointer Exception bug that can be used by an authenticated malicious user to remotely cause the instance to crash via a crafted UDP packet, resulting in Denial of Service.
Net-snmp Net-snmp
Debian Debian Linux 9.0
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
Canonical Ubuntu Linux 12.04
Netapp Cloud Backup -
Netapp E-series Santricity Os Controller
Netapp Data Ontap -
Netapp Storagegrid Webscale -
Netapp Hyper Converged Infrastructure -
Netapp Solidfire Element Os -
Paloaltonetworks Pan-os
1 EDB exploit
6.5
CVSSv3
CVE-2017-12422
NetApp StorageGRID Webscale 10.2.x prior to 10.2.2.3, 10.3.x prior to 10.3.0.4, and 10.4.x prior to 10.4.0.2 allow remote authenticated users to delete arbitrary objects via unspecified vectors.
Netapp Storagegrid Webscale 10.3.0
Netapp Storagegrid Webscale 10.4.0
Netapp Storagegrid Webscale 10.2
Netapp Storagegrid Webscale 10.2.1
Netapp Storagegrid Webscale 10.2.2
Netapp Storagegrid Webscale 10.2.2.2
Netapp Storagegrid Webscale 10.3.0.3
Netapp Storagegrid Webscale 10.4.0.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4651
CVE-2024-34255
elevation of privilege
CVE-2024-25529
CVE-2024-4671
NULL pointer dereference
CVE-2024-25527
template injection
CVE-2008-0166
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »