Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
netapp ontap 9 vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2023-27314
ONTAP 9 versions before 9.8P19, 9.9.1P16, 9.10.1P12, 9.11.1P8, 9.12.1P2 and 9.13.1 are susceptible to a vulnerability which could allow a remote unauthenticated malicious user to cause a crash of the HTTP service.
Netapp Clustered Data Ontap 9.9.1
Netapp Clustered Data Ontap 9.8
Netapp Clustered Data Ontap 9.10.0
Netapp Clustered Data Ontap 9.10.1
Netapp Clustered Data Ontap 9.12.0
Netapp Clustered Data Ontap 9.13.0
Netapp Clustered Data Ontap
5.5
CVSSv3
CVE-2021-27001
Clustered Data ONTAP versions 9.x before 9.5P18, 9.6P16, 9.7P16, 9.8P7 and 9.9.1P2 are susceptible to a vulnerability which could allow an authenticated privileged local malicious user to arbitrarily modify Compliance-mode WORM data prior to the end of the retention period.
Netapp Clustered Data Ontap 9.6
Netapp Clustered Data Ontap 9.5
Netapp Clustered Data Ontap 9.7
Netapp Clustered Data Ontap 9.8
Netapp Clustered Data Ontap 9.9.1
Netapp Clustered Data Ontap
7.6
CVSSv3
CVE-2024-21985
ONTAP 9 versions before 9.9.1P18, 9.10.1P16, 9.11.1P13, 9.12.1P10 and 9.13.1P4 are susceptible to a vulnerability which could allow an authenticated user with multiple remote accounts with differing roles to perform actions via REST API beyond their intended privilege. Possible a...
Netapp Clustered Data Ontap 9.9.1
Netapp Clustered Data Ontap 9.10.1
Netapp Clustered Data Ontap
Netapp Clustered Data Ontap 9.11.1
Netapp Clustered Data Ontap 9.12.1
Netapp Clustered Data Ontap 9.13.1
5.5
CVSSv3
CVE-2021-27004
System Manager 9.x versions 9.7 and higher before 9.7P16, 9.8P7 and 9.9.1P2 are susceptible to a vulnerability which could allow a local malicious user to discover plaintext iSCSI CHAP credentials.
Netapp Ontap System Manager 9.7
Netapp Ontap System Manager 9.8
Netapp Ontap System Manager
Netapp Ontap System Manager 9.9.12
4.6
CVSSv3
CVE-2023-27317
ONTAP 9 versions 9.12.1P8, 9.13.1P4, and 9.13.1P5 are susceptible to a vulnerability which will cause all SAS-attached FIPS 140-2 drives to become unlocked after a system reboot or power cycle or a single SAS-attached FIPS 140-2 drive to become unlocked after reinsertion. This co...
Netapp Ontap 9.12.1
Netapp Ontap 9.13.1
6.5
CVSSv3
CVE-2017-14583
NetApp Clustered Data ONTAP versions 9.x before 9.1P10 and 9.2P2 are susceptible to a vulnerability which allows an malicious user to cause a Denial of Service (DoS) in SMB environments.
Netapp Clustered Data Ontap 9.2
Netapp Clustered Data Ontap
7.5
CVSSv3
CVE-2024-27316
HTTP/2 incoming headers exceeding the limit are temporarily buffered in nghttp2 in order to generate an informative HTTP 413 response. If a client does not stop sending headers, this leads to memory exhaustion.
Apache Http Server
Fedoraproject Fedora 38
Fedoraproject Fedora 39
Fedoraproject Fedora 40
Netapp Ontap 9
2 Github repositories
1 Article
5.9
CVSSv3
CVE-2023-27535
An authentication bypass vulnerability exists in libcurl <8.0.0 in the FTP connection reuse feature that can result in wrong credentials being used during subsequent transfers. Previously created connections are kept in a connection pool for reuse if they match the current set...
Haxx Libcurl
Fedoraproject Fedora 36
Debian Debian Linux 10.0
Netapp Active Iq Unified Manager -
Netapp Ontap 9 -
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H410s Firmware -
Splunk Universal Forwarder 9.1.0
Splunk Universal Forwarder
5.9
CVSSv3
CVE-2023-27536
An authentication bypass vulnerability exists libcurl <8.0.0 in the connection reuse feature which can reuse previously established connections with incorrect user permissions due to a failure to check for changes in the CURLOPT_GSSAPI_DELEGATION option. This vulnerability aff...
Haxx Libcurl
Fedoraproject Fedora 36
Debian Debian Linux 10.0
Netapp Active Iq Unified Manager -
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H410s Firmware -
Netapp Ontap 9
Splunk Universal Forwarder 9.1.0
Splunk Universal Forwarder
8.1
CVSSv3
CVE-2022-42915
curl prior to 7.86.0 has a double free. If curl is told to use an HTTP proxy for a transfer with a non-HTTP(S) URL, it sets up the connection to the remote server by issuing a CONNECT request to the proxy, and then tunnels the rest of the protocol through. An HTTP proxy might ref...
Haxx Curl
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Fedoraproject Fedora 37
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H410s Firmware -
Netapp Ontap 9 -
Apple Macos
Splunk Universal Forwarder 9.1.0
Splunk Universal Forwarder
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
IMAP
CVE-2024-36103
CVE-2024-28995
CVE-2024-37325
CVE-2024-30078
CVE-2024-30082
SQL injection
CVE-2024-30052
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »