Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
netapp ontap system manager vulnerabilities and exploits
(subscribe to this query)
5.5
CVSSv3
CVE-2021-27004
System Manager 9.x versions 9.7 and higher before 9.7P16, 9.8P7 and 9.9.1P2 are susceptible to a vulnerability which could allow a local malicious user to discover plaintext iSCSI CHAP credentials.
Netapp Ontap System Manager 9.7
Netapp Ontap System Manager 9.8
Netapp Ontap System Manager
Netapp Ontap System Manager 9.9.12
7.5
CVSSv3
CVE-2021-27005
Clustered Data ONTAP versions 9.6 and higher before 9.6P16, 9.7P16, 9.8P7 and 9.9.1P3 are susceptible to a vulnerability which could allow a remote malicious user to cause a crash of the httpd server.
Netapp Ontap System Manager 9.7
Netapp Ontap System Manager 9.8
Netapp Ontap System Manager
Netapp Ontap System Manager 9.9.12
8.8
CVSSv3
CVE-2015-8322
NetApp OnCommand System Manager 8.3.x prior to 8.3.2 allows remote authenticated users to execute arbitrary code via unspecified vectors.
Netapp Data Ontap 8.3
Netapp Data Ontap 8.3.1
7
CVSSv3
CVE-2022-26488
In Python prior to 3.10.3 on Windows, local users can gain privileges because the search path is inadequately secured. The installer may allow a local malicious user to add user-writable directories to the system search path. To exploit, an administrator must have installed Pytho...
Python Python
Python Python 3.11.0
Netapp Ontap Select Deploy Administration Utility -
Netapp Active Iq Unified Manager -
7.5
CVSSv3
CVE-2022-40303
An issue exists in libxml2 prior to 2.10.3. When parsing a multi-gigabyte XML document with the XML_PARSE_HUGE parser option enabled, several integer counters can overflow. This results in an attempt to access an array at a negative 2GB offset, typically leading to a segmentation...
Xmlsoft Libxml2
Netapp Ontap Select Deploy Administration Utility -
Netapp Clustered Data Ontap -
Netapp Clustered Data Ontap Antivirus Connector -
Netapp Active Iq Unified Manager -
Netapp Snapmanager -
Netapp Netapp Manageability Sdk -
Apple Macos
Apple Watchos
Apple Tvos
Apple Ipados
Apple Iphone Os
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H410s Firmware -
Netapp H410c Firmware -
5.9
CVSSv3
CVE-2023-27537
A double free vulnerability exists in libcurl <8.0.0 when sharing HSTS data between separate "handles". This sharing was introduced without considerations for do this sharing across separate threads but there was no indication of this fact in the documentation. Due t...
Haxx Libcurl 7.88.1
Haxx Libcurl 7.88.0
Netapp Active Iq Unified Manager -
Broadcom Brocade Fabric Operating System Firmware -
Netapp Clustered Data Ontap 9.0
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H410s Firmware -
Splunk Universal Forwarder 9.1.0
Splunk Universal Forwarder
1 Github repository
5.5
CVSSv3
CVE-2023-27538
An authentication bypass vulnerability exists in libcurl prior to v8.0.0 where it reuses a previously established SSH connection despite the fact that an SSH option was modified, which should have prevented reuse. libcurl maintains a pool of previously used connections to reuse t...
Haxx Libcurl
Fedoraproject Fedora 36
Debian Debian Linux 10.0
Netapp Active Iq Unified Manager -
Broadcom Brocade Fabric Operating System Firmware -
Netapp Clustered Data Ontap 9.0
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H410s Firmware -
Splunk Universal Forwarder 9.1.0
Splunk Universal Forwarder
6.5
CVSSv3
CVE-2021-3541
A flaw was found in libxml2. Exponential entity expansion attack its possible bypassing all existing protection mechanisms and leading to denial of service.
Xmlsoft Libxml2
Redhat Jboss Core Services -
Oracle Zfs Storage Appliance Kit 8.8
Netapp Cloud Backup -
Netapp Snapdrive -
Netapp Ontap Select Deploy Administration Utility -
Netapp Clustered Data Ontap -
Netapp Smi-s Provider -
Netapp Clustered Data Ontap Antivirus Connector -
Netapp Active Iq Unified Manager -
Netapp Manageability Software Development Kit -
Netapp H410c Firmware -
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H300e Firmware -
Netapp H500e Firmware -
Netapp H700e Firmware -
Netapp H410s Firmware -
7.6
CVSSv3
CVE-2015-20107
In Python (aka CPython) up to 3.10.8, the mailcap module does not add escape characters into commands discovered in the system mailcap file. This may allow malicious users to inject shell commands into applications that call mailcap.findmatch with untrusted input (if they lack va...
Python Python
Netapp Snapcenter -
Netapp Ontap Select Deploy Administration Utility -
Netapp Active Iq Unified Manager -
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Fedoraproject Fedora 37
2 Github repositories
7.8
CVSSv3
CVE-2022-40304
An issue exists in libxml2 prior to 2.10.3. Certain invalid XML entity definitions can corrupt a hash table key, potentially leading to subsequent logic errors. In one case, a double-free can be provoked.
Xmlsoft Libxml2
Netapp Clustered Data Ontap -
Netapp Smi-s Provider -
Netapp Clustered Data Ontap Antivirus Connector -
Netapp Active Iq Unified Manager -
Netapp Manageability Software Development Kit -
Netapp Snapmanager -
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H410s Firmware -
Netapp H410c Firmware -
Apple Macos
Apple Watchos
Apple Tvos
Apple Ipados
Apple Iphone Os
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-0044
client side
CVE-2021-47601
deserialization
CVE-2024-34994
encryption
CVE-2021-47609
CVE-2024-37079
CVE-2024-38608
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »