Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Clustered_data_ontap
(Netapp)| Repositories |
• https://github.com/php/php-src
• https://github.com/openbsd/src • https://github.com/derickr/timelib |
| #Vulnerabilities | 186 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2017-04-10 | CVE-2017-7345 | NetApp OnCommand Performance Manager and OnCommand Unified Manager for Clustered Data ONTAP before 7.1P1 improperly bind the Java Management Extension Remote Method Invocation (aka JMX RMI) service to the network, which allows remote attackers to obtain sensitive information via unspecified vectors. | Clustered_data_ontap | 5.3 | ||
| 2017-04-10 | CVE-2017-5988 | NetApp Clustered Data ONTAP 8.1 through 9.1P1, when NFS or SMB is enabled, allows remote attackers to cause a denial of service via unspecified vectors. | Clustered_data_ontap | 7.5 | ||
| 2017-11-10 | CVE-2017-5201 | NetApp Clustered Data ONTAP before 8.3.2P8 and 9.0 before P2 allow remote authenticated users to obtain sensitive cluster and tenant information via unspecified vectors, a different vulnerability than CVE-2016-3064. | Clustered_data_ontap | 5.7 | ||
| 2017-12-18 | CVE-2017-14583 | NetApp Clustered Data ONTAP versions 9.x prior to 9.1P10 and 9.2P2 are susceptible to a vulnerability which allows an attacker to cause a Denial of Service (DoS) in SMB environments. | Clustered_data_ontap | 6.5 | ||
| 2017-08-18 | CVE-2017-12420 | Heap-based buffer overflow in the SMB implementation in NetApp Clustered Data ONTAP before 8.3.2P8 and 9.0 before P2 allows remote authenticated users to cause a denial of service or execute arbitrary code. | Clustered_data_ontap | 8.8 | ||
| 2017-02-07 | CVE-2016-4341 | NetApp Clustered Data ONTAP before 8.3.2P7 allows remote attackers to obtain SMB share information via unspecified vectors. | Clustered_data_ontap | 7.5 | ||
| 2017-07-03 | CVE-2016-3997 | NetApp Clustered Data ONTAP allows man-in-the-middle attackers to obtain sensitive information, gain privileges, or cause a denial of service by leveraging failure to enable SMB signing enforcement in its default state. | Clustered_data_ontap | 7.5 | ||
| 2016-08-31 | CVE-2016-3064 | NetApp Clustered Data ONTAP before 8.2.4P4 and 8.3.x before 8.3.2P2 allows remote authenticated users to obtain sensitive cluster and tenant information via unspecified vectors. | Clustered_data_ontap | 6.5 | ||
| 2016-04-07 | CVE-2016-1563 | NetApp Clustered Data ONTAP 8.3.1 does not properly verify X.509 certificates from TLS servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | Clustered_data_ontap | 6.8 | ||
| 2017-01-11 | CVE-2015-8020 | Clustered Data ONTAP versions 8.0, 8.3.1, and 8.3.2 contain a default privileged account which under certain conditions can be used for unauthorized information disclosure. | Clustered_data_ontap | 3.7 |