Filtered by vendor Netapp
Subscribe
Search
Total
862 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-11461 | 1 Netapp | 1 Oncommand Unified Manager | 2017-11-30 | 4.3 MEDIUM | 4.3 MEDIUM |
| NetApp OnCommand Unified Manager for 7-mode (core package) versions prior to 5.2.1 are susceptible to a clickjacking or "UI redress attack" which could be used to cause a user to perform an unintended action in the user interface. | |||||
| CVE-2017-5201 | 1 Netapp | 1 Clustered Data Ontap | 2017-11-29 | 2.7 LOW | 5.7 MEDIUM |
| NetApp Clustered Data ONTAP before 8.3.2P8 and 9.0 before P2 allow remote authenticated users to obtain sensitive cluster and tenant information via unspecified vectors, a different vulnerability than CVE-2016-3064. | |||||
| CVE-2016-5047 | 1 Netapp | 1 Oncommand System Manager | 2017-11-16 | 4.0 MEDIUM | 6.5 MEDIUM |
| NetApp OnCommand System Manager 8.3.x before 8.3.2P5 allows remote authenticated users to cause a denial of service via unspecified vectors. | |||||
| CVE-2016-5372 | 1 Netapp | 1 Snap Creator Framework | 2017-11-16 | 6.8 MEDIUM | 6.3 MEDIUM |
| Cross-site request forgery (CSRF) vulnerability in NetApp Snap Creator Framework before 4.3.0P1 allows remote attackers to hijack the authentication of users for requests that have unspecified impact via unknown vectors. | |||||
| CVE-2016-3064 | 1 Netapp | 1 Clustered Data Ontap | 2017-11-16 | 4.0 MEDIUM | 6.5 MEDIUM |
| NetApp Clustered Data ONTAP before 8.2.4P4 and 8.3.x before 8.3.2P2 allows remote authenticated users to obtain sensitive cluster and tenant information via unspecified vectors. | |||||
| CVE-2016-1563 | 1 Netapp | 1 Clustered Data Ontap | 2017-11-16 | 5.8 MEDIUM | 6.8 MEDIUM |
| NetApp Clustered Data ONTAP 8.3.1 does not properly verify X.509 certificates from TLS servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2016-1895 | 1 Netapp | 1 Data Ontap | 2017-09-06 | 4.0 MEDIUM | 6.5 MEDIUM |
| NetApp Data ONTAP before 8.2.5 and 8.3.x before 8.3.2P12 allow remote authenticated users to cause a denial of service via vectors related to unsafe user input string handling. | |||||
| CVE-2017-12859 | 1 Netapp | 1 Data Ontap | 2017-08-26 | 4.3 MEDIUM | 5.9 MEDIUM |
| NetApp Data ONTAP before 8.2.5, when operating in 7-Mode in NFS environments, allows remote attackers to cause a denial of service via unspecified vectors. | |||||
| CVE-2017-7947 | 1 Netapp | 1 Clustered Data Ontap | 2017-08-08 | 5.0 MEDIUM | 6.5 MEDIUM |
| NetApp Clustered Data ONTAP before 8.3.2P11, 9.0 before P4, and 9.1 before P5 allow attackers to obtain sensitive password information by leveraging logging of passwords entered non-interactively on the command line. | |||||
| CVE-2017-7345 | 1 Netapp | 1 Clustered Data Ontap | 2017-04-17 | 5.0 MEDIUM | 5.3 MEDIUM |
| NetApp OnCommand Performance Manager and OnCommand Unified Manager for Clustered Data ONTAP before 7.1P1 improperly bind the Java Management Extension Remote Method Invocation (aka JMX RMI) service to the network, which allows remote attackers to obtain sensitive information via unspecified vectors. | |||||
| CVE-2016-6495 | 1 Netapp | 1 Data Ontap | 2017-02-24 | 4.3 MEDIUM | 5.9 MEDIUM |
| NetApp Data ONTAP before 8.2.4P5, when operating in 7-Mode, allows remote attackers to obtain information about the volumes configured for HTTP access. | |||||
| CVE-2016-7171 | 1 Netapp | 1 Netapp Plug-in | 2016-12-23 | 6.8 MEDIUM | 5.6 MEDIUM |
| NetApp Plug-in for Symantec NetBackup prior to version 2.0.1 makes use of a non-unique server certificate, making it vulnerable to impersonation. | |||||