Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
netapp clustered data ontap - vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2019-5497
NetApp AFF A700s Baseboard Management Controller (BMC) firmware versions 1.22 and higher were shipped with a default account enabled that could allow unauthorized arbitrary command execution.
Netapp Aff A700s Firmware
Netapp Clustered Data Ontap -
7.5
CVSSv3
CVE-2020-8579
Clustered Data ONTAP versions 9.7 up to and including 9.7P7 are susceptible to a vulnerability which allows an attacker with access to an intercluster LIF to cause a Denial of Service (DoS).
Netapp Clustered Data Ontap 9.7
6.8
CVSSv3
CVE-2016-1563
NetApp Clustered Data ONTAP 8.3.1 does not properly verify X.509 certificates from TLS servers, which allows man-in-the-middle malicious users to spoof servers and obtain sensitive information via a crafted certificate.
Netapp Clustered Data Ontap 8.3.1
7.5
CVSSv3
CVE-2016-3997
NetApp Clustered Data ONTAP allows man-in-the-middle malicious users to obtain sensitive information, gain privileges, or cause a denial of service by leveraging failure to enable SMB signing enforcement in its default state.
Netapp Clustered Data Ontap 8.3.1
8.1
CVSSv3
CVE-2022-23241
Clustered Data ONTAP versions 9.11.1 up to and including 9.11.1P2 with SnapLock configured FlexGroups are susceptible to a vulnerability which could allow an authenticated remote malicious user to arbitrarily modify or delete WORM data prior to the end of the retention period.
Netapp Clustered Data Ontap 9.11.1
9.8
CVSSv3
CVE-2016-7480
The SplObjectStorage unserialize implementation in ext/spl/spl_observer.c in PHP prior to 7.0.12 does not verify that a key is an object, which allows remote malicious users to execute arbitrary code or cause a denial of service (uninitialized memory access) via crafted serialize...
Php Php
Netapp Clustered Data Ontap -
9.1
CVSSv3
CVE-2017-11147
In PHP prior to 5.6.30 and 7.x prior to 7.0.15, the PHAR archive handler could be used by attackers supplying malicious archive files to crash the PHP interpreter or potentially disclose information due to a buffer over-read in the phar_parse_pharfile function in ext/phar/phar.c.
Php Php
Netapp Clustered Data Ontap -
9.8
CVSSv3
CVE-2017-5340
Zend/zend_hash.c in PHP prior to 7.0.15 and 7.1.x prior to 7.1.1 mishandles certain cases that require large array allocations, which allows remote malicious users to execute arbitrary code or cause a denial of service (integer overflow, uninitialized memory access, and use of ar...
Php Php
Netapp Clustered Data Ontap -
6.5
CVSSv3
CVE-2021-26989
Clustered Data ONTAP versions before 9.3P21, 9.5P16, 9.6P12, 9.7P9 and 9.8 are susceptible to a vulnerability which could allow a remote authenticated malicious user to cause a Denial of Service (DoS) on clustered Data ONTAP configured for SMB access.
Netapp Data Ontap 9.3.0
Netapp Data Ontap 9.5.0
Netapp Data Ontap 9.6.0
Netapp Data Ontap 9.7.0
Netapp Data Ontap 9.8.0
7.5
CVSSv3
CVE-2017-14053
NetApp OnCommand Unified Manager for Clustered Data ONTAP prior to 7.2P1 does not set the secure flag for an unspecified cookie in an HTTPS session, which makes it easier for remote malicious users to capture this cookie by intercepting its transmission within an HTTP session.
Netapp Oncommand Unified Manager For Clustered Data Ontap
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
brute force
CVE-2024-24908
open redirect
CVE-2024-31497
CVE-2023-45866
CVE-2024-4135
CVE-2024-25523
cache poisoning
CVE-2024-4649
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »