snap creator framework vulnerabilities and exploits

4.7
MEDIUM
CVE-2017-5754

Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis of the data cache....

6.8
MEDIUM
CVE-2016-5372

Cross-site request forgery (CSRF) vulnerability in NetApp Snap Creator Framework before 4.3.0P1 allows remote attackers to hijack the authentication of users for requests that have unspecified impact via unknown vectors....

7.2
HIGH
CVE-2016-4484

The Debian initrd script for the cryptsetup package 2:1.7.3-2 and earlier allows physically proximate attackers to gain shell access via many log in attempts with an invalid password....

Cryptsetup ProjectCryptsetup
5
MEDIUM
CVE-2016-7172

NetApp Snap Creator Framework before 4.3.1 discloses sensitive information which could be viewed by an unauthorized user....

5
MEDIUM
CVE-2016-2183

The DES and Triple DES ciphers, as used in the TLS, SSH, and IPSec protocols and other protocols and products, have a birthday bound of approximately four billion blocks, which makes it easier for remote attackers to obtain cleartext data via a birthday attack against a long-dura...

5
MEDIUM
CVE-2014-0160

The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information from process memory via crafted packets that trigger a buffer over-read, as demonstrated by re...

OpensslOpenssl
10
HIGH
CVE-2002-0012

Vulnerabilities in a large number of SNMP implementations allow remote attackers to cause a denial of service or gain privileges via SNMPv1 trap handling, as demonstrated by the PROTOS c06-SNMPv1 test suite. NOTE: It is highly likely that this candidate will be SPLIT into multip...

10
HIGH
CVE-2002-0013

Vulnerabilities in the SNMPv1 request handling of a large number of SNMP implementations allow remote attackers to cause a denial of service or gain privileges via (1) GetRequest, (2) GetNextRequest, and (3) SetRequest messages, as demonstrated by the PROTOS c06-SNMPv1 test suite...

SnmpSnmp
NA
CVE-2016-5710

NetApp Snap Creator Framework CVE-2016-5710 Clickjacking Vulnerability...