Vulnerabilities > Netapp > Altavault > Medium

DATE CVE VULNERABILITY TITLE RISK
2019-02-27 CVE-2019-1559 Information Exposure Through Discrepancy vulnerability in multiple products
If an application encounters a fatal protocol error and then calls SSL_shutdown() twice (once to send a close_notify, and once to receive one) then OpenSSL can respond differently to the calling application if a 0 byte record is received with invalid padding compared to if a 0 byte record is received with an invalid MAC.
5.9
2017-07-03 CVE-2016-3998 Permissions, Privileges, and Access Controls vulnerability in Netapp Altavault
NetApp AltaVault 4.1 and earlier allows man-in-the-middle attackers to obtain sensitive information, gain privileges, or cause a denial of service via vectors related to the SMB protocol.
network
high complexity
netapp CWE-264
5.1