Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
netapp data ontap vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2015-8020
Clustered Data ONTAP versions 8.0, 8.3.1, and 8.3.2 contain a default privileged account which under certain conditions can be used for unauthorized information disclosure.
Netapp Clustered Data Ontap 8.3.2
Netapp Clustered Data Ontap 8.0
Netapp Clustered Data Ontap 8.3.1
4.3
CVSSv2
CVE-2019-5493
Data ONTAP operating in 7-Mode versions before 8.2.5P3 are susceptible to a vulnerability which discloses information to an unauthenticated attacker. A successful attack requires that multiple non-default options be enabled.
Netapp Data Ontap 8.2.5
Netapp Data Ontap
5
CVSSv2
CVE-2019-5501
Data ONTAP operating in 7-Mode versions before 8.2.5P3 may disclose sensitive LDAP account information to unauthenticated remote attackers.
Netapp Data Ontap 8.2.5
Netapp Data Ontap
6.4
CVSSv2
CVE-2019-5502
SMB in Data ONTAP operating in 7-Mode versions before 8.2.5P3 has weak cryptography which when exploited could lead to information disclosure or addition or modification of data.
Netapp Data Ontap 8.2.5
Netapp Data Ontap
2.1
CVSSv2
CVE-2018-5496
Data ONTAP operating in 7-Mode versions before 8.2.5P2 are susceptible to a vulnerability which discloses sensitive information to an unauthorized user.
Netapp Data Ontap 8.2.5
Netapp Data Ontap
6.5
CVSSv2
CVE-2015-8322
NetApp OnCommand System Manager 8.3.x prior to 8.3.2 allows remote authenticated users to execute arbitrary code via unspecified vectors.
Netapp Data Ontap 8.3
Netapp Data Ontap 8.3.1
6.5
CVSSv2
CVE-2016-5374
NetApp Data ONTAP 9.0 and 9.1 prior to 9.1P1 allows remote authenticated users that own SMB-hosted data to bypass intended sharing restrictions by leveraging improper handling of the owner_rights ACL entry.
Netapp Data Ontap 9.0
Netapp Data Ontap 9.1
6.8
CVSSv2
CVE-2016-3400
NetApp Data ONTAP 8.1 and 8.2, when operating in 7-Mode, allows man-in-the-middle malicious users to obtain sensitive information, gain privileges, or cause a denial of service via vectors related to the SMB protocol.
Netapp Data Ontap 8.1
Netapp Data Ontap 8.2
4.3
CVSSv2
CVE-2019-5506
Clustered Data ONTAP versions 9.0 and higher do not enforce hostname verification under certain circumstances making them susceptible to impersonation via man-in-the-middle attacks.
Netapp Clustered Data Ontap 9.6
Netapp Clustered Data Ontap
2.1
CVSSv2
CVE-2020-8578
Clustered Data ONTAP versions before 9.3P20 are susceptible to a vulnerability which could allow an malicious user to discover node names via AutoSupport bundles even when the –remove-private-data parameter is set to true.
Netapp Clustered Data Ontap
Netapp Clustered Data Ontap 9.3
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
path traversal
CVE-2024-33545
CVE-2024-35725
CVE-2024-32704
overflow
file upload
CVE-2024-0230
CVE-2024-32705
CVE-2024-23692
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »