Vulnerabilities > Netapp > Active IQ Unified Manager

DATE CVE VULNERABILITY TITLE RISK
2022-05-03 CVE-2022-1434 Use of a Broken or Risky Cryptographic Algorithm vulnerability in multiple products
The OpenSSL 3.0 implementation of the RC4-MD5 ciphersuite incorrectly uses the AAD data as the MAC key.
network
high complexity
openssl netapp CWE-327
5.9
2022-05-03 CVE-2022-1473 Incomplete Cleanup vulnerability in multiple products
The OPENSSL_LH_flush() function, which empties a hash table, contains a bug that breaks reuse of the memory occuppied by the removed hash table entries.
network
low complexity
openssl netapp CWE-459
7.5
2022-05-03 CVE-2022-29824 Integer Overflow or Wraparound vulnerability in multiple products
In libxml2 before 2.9.14, several buffer handling functions in buf.c (xmlBuf*) and tree.c (xmlBuffer*) don't check for integer overflows.
network
low complexity
xmlsoft fedoraproject debian netapp oracle CWE-190
6.5
2022-05-01 CVE-2022-25647 Deserialization of Untrusted Data vulnerability in multiple products
The package com.google.code.gson:gson before 2.8.9 are vulnerable to Deserialization of Untrusted Data via the writeReplace() method in internal classes, which may lead to DoS attacks.
network
low complexity
google debian netapp oracle CWE-502
7.5
2022-04-27 CVE-2022-24891 ESAPI (The OWASP Enterprise Security API) is a free, open source, web application security control library.
network
low complexity
owasp oracle netapp
6.1
2022-04-25 CVE-2022-23457 Path Traversal vulnerability in multiple products
ESAPI (The OWASP Enterprise Security API) is a free, open source, web application security control library.
network
low complexity
owasp oracle netapp CWE-22
critical
9.8
2022-04-19 CVE-2022-21412 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer).
network
low complexity
oracle netapp
4.9
2022-04-19 CVE-2022-21413 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML).
network
low complexity
oracle netapp
4.9
2022-04-19 CVE-2022-21414 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer).
network
low complexity
oracle netapp
4.9
2022-04-19 CVE-2022-21415 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Replication).
network
low complexity
oracle netapp
4.9