Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
netapp fabric-attached storage 8300 firmware vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2019-17274
NetApp FAS 8300/8700 and AFF A400 Baseboard Management Controller (BMC) firmware versions 13.x before 13.1P1 were shipped with a default account enabled that could allow unauthorized arbitrary command execution via local access.
Netapp Fabric-attached Storage 8700 Firmware
Netapp Fabric-attached Storage 8300 Firmware
Netapp All Flash Fabric-attached Storage A400 Firmware
7.5
CVSSv3
CVE-2020-11868
ntpd in ntp prior to 4.2.8p14 and 4.3.x prior to 4.3.100 allows an off-path malicious user to block unauthenticated synchronization via a server mode packet with a spoofed source IP address, because transmissions are rescheduled even when a packet lacks a valid origin timestamp.
Ntp Ntp 4.2.8
Ntp Ntp
Redhat Enterprise Linux 7.0
Netapp Clustered Data Ontap -
Netapp Virtual Storage Console
Netapp Data Ontap -
Netapp Vasa Provider For Clustered Data Ontap
Netapp Solidfire -
Netapp Hci Management Node -
Netapp Hci Storage Node Firmware -
Netapp Fabric-attached Storage 8300 Firmware -
Netapp Fabric-attached Storage 8700 Firmware -
Netapp Fabric-attached Storage A400 Firmware -
Netapp All Flash Fabric-attached Storage 8300 Firmware -
Netapp All Flash Fabric-attached Storage 8700 Firmware -
Netapp All Flash Fabric-attached Storage A400 Firmware -
Debian Debian Linux 8.0
Opensuse Leap 15.1
Opensuse Leap 15.2
7.5
CVSSv3
CVE-2021-45485
In the IPv6 implementation in the Linux kernel prior to 5.13.3, net/ipv6/output_core.c has an information leak because of certain use of a hash table which, although big, doesn't properly consider that IPv6-based attackers can typically choose among many IPv6 source addresse...
Linux Linux Kernel
Netapp E-series Santricity Os Controller -
Netapp Solidfire & Hci Management Node -
Netapp Brocade Fabric Operating System Firmware -
Netapp Solidfire, Enterprise Sds & Hci Storage Node -
Oracle Communications Cloud Native Core Binding Support Function 22.1.3
Oracle Communications Cloud Native Core Policy 22.2.0
Oracle Communications Cloud Native Core Network Exposure Function 22.1.1
Netapp All Flash Fabric-attached Storage 8300 Firmware -
Netapp Fabric-attached Storage 8300 Firmware -
Netapp All Flash Fabric-attached Storage 8700 Firmware -
Netapp Fabric-attached Storage 8700 Firmware -
Netapp Aff A400 Firmware -
Netapp Fabric-attached Storage A400 Firmware -
Netapp Hci Compute Node Firmware -
Netapp H300e Firmware -
Netapp H300s Firmware -
Netapp H410c Firmware -
Netapp H410s Firmware -
Netapp H500e Firmware -
Netapp H500s Firmware -
Netapp H610c Firmware -
6.7
CVSSv3
CVE-2020-15436
Use-after-free vulnerability in fs/block_dev.c in the Linux kernel prior to 5.8 allows local users to gain privileges or cause a denial of service by leveraging improper access to a certain error field.
Linux Linux Kernel
Broadcom Brocade Fabric Operating System Firmware -
Netapp Cloud Backup -
Netapp Solidfire & Hci Management Node -
Netapp Solidfire Baseboard Management Controller Firmware -
Netapp H410c Firmware -
Netapp H610c Firmware -
Netapp H610s Firmware -
Netapp H615c Firmware -
Netapp A700s Firmware -
Netapp Aff 8700 Firmware -
Netapp Fas 8700 Firmware -
Netapp Aff 8300 Firmware -
Netapp Fas 8300 Firmware -
Netapp Aff A400 Firmware -
Netapp Fabric-attached Storage A400 Firmware -
Netapp A250 Firmware -
Netapp Aff 500f Firmware -
Netapp Fas 500f Firmware -
7.8
CVSSv3
CVE-2019-25045
An issue exists in the Linux kernel prior to 5.0.19. The XFRM subsystem has a use-after-free, related to an xfrm_state_fini panic, aka CID-dbb2483b2a46.
Linux Linux Kernel
Netapp Solidfire Baseboard Management Controller Firmware -
Netapp Cloud Backup -
Netapp Solidfire & Hci Management Node -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H300e Firmware -
Netapp H500e Firmware -
Netapp H700e Firmware -
Netapp H410s Firmware -
Netapp H410c Firmware -
Netapp H610c Firmware -
Netapp H610s Firmware -
Netapp H615c Firmware -
Netapp H300s Firmware -
Netapp Fas 8300 Firmware -
Netapp Fas 8700 Firmware -
Netapp Aff 8300 Firmware -
Netapp Aff 8700 Firmware -
Netapp Aff A400 Firmware -
Netapp Fabric-attached Storage A400 Firmware -
Netapp Aff A700s Firmware -
5.3
CVSSv3
CVE-2022-1343
The function `OCSP_basic_verify` verifies the signer certificate on an OCSP response. In the case where the (non-default) flag OCSP_NOCHECKS is used then the response will be positive (meaning a successful verification) even in the case where the response signing certificate fail...
Openssl Openssl
Netapp Santricity Smi-s Provider -
Netapp Clustered Data Ontap -
Netapp Smi-s Provider -
Netapp Clustered Data Ontap Antivirus Connector -
Netapp Solidfire & Hci Management Node -
Netapp Solidfire, Enterprise Sds & Hci Storage Node -
Netapp Active Iq Unified Manager -
Netapp Snapmanager -
Netapp A250 Firmware -
Netapp A700s Firmware -
Netapp Aff 500f Firmware -
Netapp Aff 8300 Firmware -
Netapp Aff 8700 Firmware -
Netapp Aff A400 Firmware -
Netapp Fabric-attached Storage A400 Firmware -
Netapp Fas 500f Firmware -
Netapp Fas 8300 Firmware -
Netapp Fas 8700 Firmware -
Netapp H300e Firmware -
Netapp H300s Firmware -
Netapp H410s Firmware -
5.9
CVSSv3
CVE-2022-1434
The OpenSSL 3.0 implementation of the RC4-MD5 ciphersuite incorrectly uses the AAD data as the MAC key. This makes the MAC key trivially predictable. An attacker could exploit this issue by performing a man-in-the-middle attack to modify data being sent from one endpoint to an Op...
Openssl Openssl
Netapp Santricity Smi-s Provider -
Netapp Clustered Data Ontap -
Netapp Smi-s Provider -
Netapp Clustered Data Ontap Antivirus Connector -
Netapp Solidfire & Hci Management Node -
Netapp Solidfire, Enterprise Sds & Hci Storage Node -
Netapp Active Iq Unified Manager -
Netapp Snapmanager -
Netapp A700s Firmware -
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H300e Firmware -
Netapp H500e Firmware -
Netapp H700e Firmware -
Netapp H410s Firmware -
Netapp Aff 8300 Firmware -
Netapp Fas 8300 Firmware -
Netapp Aff 8700 Firmware -
Netapp Fas 8700 Firmware -
Netapp Aff A400 Firmware -
7.5
CVSSv3
CVE-2022-1473
The OPENSSL_LH_flush() function, which empties a hash table, contains a bug that breaks reuse of the memory occuppied by the removed hash table entries. This function is used when decoding certificates or keys. If a long lived process periodically decodes certificates or keys its...
Openssl Openssl
Netapp Santricity Smi-s Provider -
Netapp Clustered Data Ontap -
Netapp Smi-s Provider -
Netapp Clustered Data Ontap Antivirus Connector -
Netapp Solidfire & Hci Management Node -
Netapp Solidfire, Enterprise Sds & Hci Storage Node -
Netapp Active Iq Unified Manager -
Netapp Snapmanager -
Netapp A700s Firmware -
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H300e Firmware -
Netapp H500e Firmware -
Netapp H700e Firmware -
Netapp H410s Firmware -
Netapp Aff 8300 Firmware -
Netapp Fas 8300 Firmware -
Netapp Aff 8700 Firmware -
Netapp Fas 8700 Firmware -
Netapp Aff A400 Firmware -
9.8
CVSSv3
CVE-2022-1292
The c_rehash script does not properly sanitise shell metacharacters to prevent command injection. This script is distributed by some operating systems in a manner where it is automatically executed. On such operating systems, an attacker could execute arbitrary commands with the ...
Openssl Openssl
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Netapp Santricity Smi-s Provider -
Netapp Snapcenter -
Netapp Oncommand Workflow Automation -
Netapp Oncommand Insight -
Netapp Clustered Data Ontap -
Netapp Smi-s Provider -
Netapp Clustered Data Ontap Antivirus Connector -
Netapp Solidfire & Hci Management Node -
Netapp Active Iq Unified Manager -
Netapp Solidfire, Enterprise Sds & Hci Storage Node -
Netapp Snapmanager -
Netapp A700s Firmware -
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H300e Firmware -
Netapp H500e Firmware -
Netapp H700e Firmware -
7 Github repositories
1 Article
6.5
CVSSv3
CVE-2022-40982
Information exposure through microarchitectural state after transient execution in certain vector execution units for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
Redhat Enterprise Linux 7.0
Xen Xen -
Redhat Enterprise Linux 6.0
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux 9.0
Intel Microcode
Intel Xeon E-2314 Firmware -
Intel Xeon E-2324g Firmware -
Intel Xeon E-2334 Firmware -
Intel Xeon E-2374g Firmware -
Intel Xeon E-2336 Firmware -
Intel Xeon E-2356g Firmware -
Intel Xeon E-2386g Firmware -
Intel Xeon E-2378 Firmware -
Intel Xeon E-2378g Firmware -
Intel Xeon E-2388g Firmware -
Intel Xeon W-1350 Firmware -
Intel Xeon W-1350p Firmware -
Intel Xeon W-1370 Firmware -
Intel Xeon W-1370p Firmware -
Intel Xeon W-1390t Firmware -
Intel Xeon W-1390 Firmware -
2 Github repositories
2 Articles
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
IMAP
CVE-2024-36103
CVE-2024-28995
CVE-2024-37325
CVE-2024-30078
CVE-2024-30082
SQL injection
CVE-2024-30052
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started