Product:

Clustered_data_ontap

(Netapp)
Date Id Summary Products Score Patch Annotated
2022-10-19 CVE-2022-23241 Clustered Data ONTAP versions 9.11.1 through 9.11.1P2 with SnapLock configured FlexGroups are susceptible to a vulnerability which could allow an authenticated remote attacker to arbitrarily modify or delete WORM data prior to the end of the retention period. Clustered_data_ontap 8.1
2020-11-12 CVE-2020-0590 Improper input validation in BIOS firmware for some Intel(R) Processors may allow an authenticated user to potentially enable escalation of privilege via local access. Xeon_bronze_3104_firmware, Xeon_bronze_3106_firmware, Xeon_bronze_3204_firmware, Xeon_bronze_3206r_firmware, Xeon_gold_5115_firmware, Xeon_gold_5118_firmware, Xeon_gold_5119t_firmware, Xeon_gold_5120_firmware, Xeon_gold_5120t_firmware, Xeon_gold_5122_firmware, Xeon_gold_5215_firmware, Xeon_gold_5215l_firmware, Xeon_gold_5217_firmware, Xeon_gold_5218_firmware, Xeon_gold_5218b_firmware, Xeon_gold_5218n_firmware, Xeon_gold_5218r_firmware, Xeon_gold_5218t_firmware, Xeon_gold_5220_firmware, Xeon_gold_5220r_firmware, Xeon_gold_5220s_firmware, Xeon_gold_5220t_firmware, Xeon_gold_5222_firmware, Xeon_gold_6126_firmware, Xeon_gold_6126f_firmware, Xeon_gold_6126t_firmware, Xeon_gold_6128_firmware, Xeon_gold_6130_firmware, Xeon_gold_6130f_firmware, Xeon_gold_6130t_firmware, Xeon_gold_6132_firmware, Xeon_gold_6134_firmware, Xeon_gold_6136_firmware, Xeon_gold_6138_firmware, Xeon_gold_6138f_firmware, Xeon_gold_6138p_firmware, Xeon_gold_6138t_firmware, Xeon_gold_6140_firmware, Xeon_gold_6142_firmware, Xeon_gold_6142f_firmware, Xeon_gold_6144_firmware, Xeon_gold_6146_firmware, Xeon_gold_6148_firmware, Xeon_gold_6148f_firmware, Xeon_gold_6150_firmware, Xeon_gold_6152_firmware, Xeon_gold_6154_firmware, Xeon_gold_6208u_firmware, Xeon_gold_6209u_firmware, Xeon_gold_6210u_firmware, Xeon_gold_6212u_firmware, Xeon_gold_6222v_firmware, Xeon_gold_6226_firmware, Xeon_gold_6226r_firmware, Xeon_gold_6230_firmware, Xeon_gold_6230n_firmware, Xeon_gold_6230r_firmware, Xeon_gold_6230t_firmware, Xeon_gold_6234_firmware, Xeon_gold_6238_firmware, Xeon_gold_6238l_firmware, Xeon_gold_6238r_firmware, Xeon_gold_6238t_firmware, Xeon_gold_6240_firmware, Xeon_gold_6240l_firmware, Xeon_gold_6240r_firmware, Xeon_gold_6240y_firmware, Xeon_gold_6242_firmware, Xeon_gold_6242r_firmware, Xeon_gold_6244_firmware, Xeon_gold_6246_firmware, Xeon_gold_6246r_firmware, Xeon_gold_6248_firmware, Xeon_gold_6248r_firmware, Xeon_gold_6250_firmware, Xeon_gold_6250l_firmware, Xeon_gold_6252_firmware, Xeon_gold_6252n_firmware, Xeon_gold_6254_firmware, Xeon_gold_6256_firmware, Xeon_gold_6258r_firmware, Xeon_gold_6262v_firmware, Xeon_platinum_8153_firmware, Xeon_platinum_8156_firmware, Xeon_platinum_8158_firmware, Xeon_platinum_8160_firmware, Xeon_platinum_8160f_firmware, Xeon_platinum_8160t_firmware, Xeon_platinum_8164_firmware, Xeon_platinum_8168_firmware, Xeon_platinum_8170_firmware, Xeon_platinum_8176_firmware, Xeon_platinum_8176f_firmware, Xeon_platinum_8180_firmware, Xeon_platinum_8253_firmware, Xeon_platinum_8256_firmware, Xeon_platinum_8260_firmware, Xeon_platinum_8260l_firmware, Xeon_platinum_8260y_firmware, Xeon_platinum_8268_firmware, Xeon_platinum_8270_firmware, Xeon_platinum_8276_firmware, Xeon_platinum_8276l_firmware, Xeon_platinum_8280_firmware, Xeon_platinum_8280l_firmware, Xeon_platinum_9221_firmware, Xeon_platinum_9222_firmware, Xeon_platinum_9242_firmware, Xeon_platinum_9282_firmware, Xeon_silver_4108_firmware, Xeon_silver_4109t_firmware, Xeon_silver_4110_firmware, Xeon_silver_4112_firmware, Xeon_silver_4114_firmware, Xeon_silver_4114t_firmware, Xeon_silver_4116_firmware, Xeon_silver_4116t_firmware, Xeon_silver_4208_firmware, Xeon_silver_4209t_firmware, Xeon_silver_4210_firmware, Xeon_silver_4210r_firmware, Xeon_silver_4210t_firmware, Xeon_silver_4214_firmware, Xeon_silver_4214r_firmware, Xeon_silver_4214y_firmware, Xeon_silver_4215_firmware, Xeon_silver_4215r_firmware, Xeon_silver_4216_firmware, Cloud_backup, Clustered_data_ontap, Fas\/aff_bios, Simatic_ipc527g_firmware, Simatic_ipc547g_firmware, Simatic_ipc627e_firmware, Simatic_ipc647e_firmware, Simatic_ipc677e_firmware, Simatic_ipc847e_firmware 7.8
2022-01-06 CVE-2021-46143 In doProlog in xmlparse.c in Expat (aka libexpat) before 2.4.3, an integer overflow exists for m_groupSize. Libexpat, Active_iq_unified_manager, Clustered_data_ontap, Hci_baseboard_management_controller, Oncommand_workflow_automation, Solidfire_\&_hci_management_node, Sinema_remote_connect_server, Nessus 7.8
2021-02-15 CVE-2020-7071 In PHP versions 7.3.x below 7.3.26, 7.4.x below 7.4.14 and 8.0.0, when validating URL with functions like filter_var($url, FILTER_VALIDATE_URL), PHP will accept an URL with invalid password as valid URL. This may lead to functions that rely on URL being valid to mis-parse the URL and produce wrong data as components of the URL. Debian_linux, Clustered_data_ontap, Php 5.3
2017-01-11 CVE-2017-5340 Zend/zend_hash.c in PHP before 7.0.15 and 7.1.x before 7.1.1 mishandles certain cases that require large array allocations, which allows remote attackers to execute arbitrary code or cause a denial of service (integer overflow, uninitialized memory access, and use of arbitrary destructor function pointers) via crafted serialized data. Clustered_data_ontap, Php 9.8
2017-01-11 CVE-2016-7480 The SplObjectStorage unserialize implementation in ext/spl/spl_observer.c in PHP before 7.0.12 does not verify that a key is an object, which allows remote attackers to execute arbitrary code or cause a denial of service (uninitialized memory access) via crafted serialized data. Clustered_data_ontap, Php 9.8
2017-01-24 CVE-2016-10160 Off-by-one error in the phar_parse_pharfile function in ext/phar/phar.c in PHP before 5.6.30 and 7.0.x before 7.0.15 allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted PHAR archive with an alias mismatch. Debian_linux, Clustered_data_ontap, Php 9.8
2021-10-19 CVE-2021-27001 Clustered Data ONTAP versions 9.x prior to 9.5P18, 9.6P16, 9.7P16, 9.8P7 and 9.9.1P2 are susceptible to a vulnerability which could allow an authenticated privileged local attacker to arbitrarily modify Compliance-mode WORM data prior to the end of the retention period. Clustered_data_ontap 5.5
2021-06-04 CVE-2020-7469 In FreeBSD 12.2-STABLE before r367402, 11.4-STABLE before r368202, 12.2-RELEASE before p1, 12.1-RELEASE before p11 and 11.4-RELEASE before p5 the handler for a routing option caches a pointer into the packet buffer holding the ICMPv6 message. However, when processing subsequent options the packet buffer may be freed, rendering the cached pointer invalid. The network stack may later dereference the pointer, potentially triggering a use-after-free. Freebsd, Clustered_data_ontap 7.5
2020-04-17 CVE-2020-11868 ntpd in ntp before 4.2.8p14 and 4.3.x before 4.3.100 allows an off-path attacker to block unauthenticated synchronization via a server mode packet with a spoofed source IP address, because transmissions are rescheduled even when a packet lacks a valid origin timestamp. Debian_linux, All_flash_fabric\-Attached_storage_8300_firmware, All_flash_fabric\-Attached_storage_8700_firmware, All_flash_fabric\-Attached_storage_a400_firmware, Clustered_data_ontap, Data_ontap, Fabric\-Attached_storage_8300_firmware, Fabric\-Attached_storage_8700_firmware, Fabric\-Attached_storage_a400_firmware, Hci_management_node, Hci_storage_node_firmware, Solidfire, Vasa_provider_for_clustered_data_ontap, Virtual_storage_console, Ntp, Leap, Enterprise_linux 7.5