Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): cpe:2.3:o:netapp:data_ontap:-:*:*:*:*:*:*:*
- CPE Name Search: true
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2019-5502 |
SMB in Data ONTAP operating in 7-Mode versions prior to 8.2.5P3 has weak cryptography which when exploited could lead to information disclosure or addition or modification of data. Published: August 05, 2019; 3:15:11 PM -0400 |
V4.0:(not available) V3.0: 9.1 CRITICAL V2.0: 6.4 MEDIUM |
CVE-2019-5501 |
Data ONTAP operating in 7-Mode versions prior to 8.2.5P3 may disclose sensitive LDAP account information to unauthenticated remote attackers. Published: August 02, 2019; 11:15:12 AM -0400 |
V4.0:(not available) V3.0: 7.5 HIGH V2.0: 5.0 MEDIUM |
CVE-2019-5493 |
Data ONTAP operating in 7-Mode versions prior to 8.2.5P3 are susceptible to a vulnerability which discloses information to an unauthenticated attacker. A successful attack requires that multiple non-default options be enabled. Published: August 02, 2019; 11:15:12 AM -0400 |
V4.0:(not available) V3.0: 7.5 HIGH V2.0: 4.3 MEDIUM |
CVE-2018-5496 |
Data ONTAP operating in 7-Mode versions prior to 8.2.5P2 are susceptible to a vulnerability which discloses sensitive information to an unauthorized user. Published: December 04, 2018; 3:29:00 PM -0500 |
V4.0:(not available) V3.0: 4.4 MEDIUM V2.0: 2.1 LOW |
CVE-2018-18607 |
An issue was discovered in elf_link_input_bfd in elflink.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. There is a NULL pointer dereference in elf_link_input_bfd when used for finding STT_TLS symbols without any TLS section. A specially crafted ELF allows remote attackers to cause a denial of service, as demonstrated by ld. Published: October 23, 2018; 1:29:00 PM -0400 |
V4.0:(not available) V3.0: 5.5 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2018-18606 |
An issue was discovered in the merge_strings function in merge.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. There is a NULL pointer dereference in _bfd_add_merge_section when attempting to merge sections with large alignments. A specially crafted ELF allows remote attackers to cause a denial of service, as demonstrated by ld. Published: October 23, 2018; 1:29:00 PM -0400 |
V4.0:(not available) V3.0: 5.5 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2018-18605 |
A heap-based buffer over-read issue was discovered in the function sec_merge_hash_lookup in merge.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31, because _bfd_add_merge_section mishandles section merges when size is not a multiple of entsize. A specially crafted ELF allows remote attackers to cause a denial of service, as demonstrated by ld. Published: October 23, 2018; 1:29:00 PM -0400 |
V4.0:(not available) V3.0: 5.5 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2018-18066 |
snmp_oid_compare in snmplib/snmp_api.c in Net-SNMP before 5.8 has a NULL Pointer Exception bug that can be used by an unauthenticated attacker to remotely cause the instance to crash via a crafted UDP packet, resulting in Denial of Service. Published: October 08, 2018; 2:29:00 PM -0400 |
V4.0:(not available) V3.0: 7.5 HIGH V2.0: 5.0 MEDIUM |
CVE-2018-18065 |
_set_key in agent/helpers/table_container.c in Net-SNMP before 5.8 has a NULL Pointer Exception bug that can be used by an authenticated attacker to remotely cause the instance to crash via a crafted UDP packet, resulting in Denial of Service. Published: October 08, 2018; 2:29:00 PM -0400 |
V4.0:(not available) V3.0: 6.5 MEDIUM V2.0: 4.0 MEDIUM |
CVE-2017-12859 |
NetApp Data ONTAP before 8.2.5, when operating in 7-Mode in NFS environments, allows remote attackers to cause a denial of service via unspecified vectors. Published: August 18, 2017; 12:29:00 PM -0400 |
V4.0:(not available) V3.0: 5.9 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2016-6495 |
NetApp Data ONTAP before 8.2.4P5, when operating in 7-Mode, allows remote attackers to obtain information about the volumes configured for HTTP access. Published: February 07, 2017; 12:59:00 PM -0500 |
V4.0:(not available) V3.0: 5.9 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2015-7886 |
NetApp Data ONTAP before 8.2.4P1, when 7-Mode and HTTP access are enabled, allows remote attackers to obtain sensitive volume information via unspecified vectors. Published: January 18, 2016; 12:59:06 AM -0500 |
V4.0:(not available) V3.0: 3.7 LOW V2.0: 4.3 MEDIUM |
CVE-2008-3349 |
Multiple unspecified vulnerabilities in NetApp Data ONTAP, as used on NetApp and IBM eServer platforms, allow remote attackers to execute arbitrary commands, cause a denial of service (system crash), or obtain sensitive information, probably related to insufficient access control for HTTP requests. NOTE: this may overlap CVE-2008-3160. Published: July 28, 2008; 1:41:00 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 10.0 HIGH |