Vulnerabilities > Netapp > Cloud Backup

DATE CVE VULNERABILITY TITLE RISK
2020-11-12 CVE-2020-0590 Improper Input Validation vulnerability in multiple products
Improper input validation in BIOS firmware for some Intel(R) Processors may allow an authenticated user to potentially enable escalation of privilege via local access.
local
low complexity
intel netapp siemens CWE-20
7.8
7.8
2020-11-06 CVE-2020-28196 Uncontrolled Recursion vulnerability in multiple products
MIT Kerberos 5 (aka krb5) before 1.17.2 and 1.18.x before 1.18.3 allows unbounded recursion via an ASN.1-encoded Kerberos message because the lib/krb5/asn.1/asn1_encode.c support for BER indefinite lengths lacks a recursion limit.
network
low complexity
mit fedoraproject netapp oracle CWE-674
7.5
7.5
2020-09-10 CVE-2020-25221 Operation on a Resource after Expiration or Release vulnerability in multiple products
get_gate_page in mm/gup.c in the Linux kernel 5.7.x and 5.8.x before 5.8.7 allows privilege escalation because of incorrect reference counting (caused by gate page mishandling) of the struct page that backs the vsyscall page.
local
low complexity
linux netapp CWE-672
7.8
7.8
2020-08-20 CVE-2020-15862 Improper Privilege Management vulnerability in multiple products
Net-SNMP through 5.8 has Improper Privilege Management because SNMP WRITE access to the EXTEND MIB provides the ability to run arbitrary commands as root.
local
low complexity
net-snmp canonical netapp CWE-269
7.8
7.8
2020-08-20 CVE-2020-15861 Link Following vulnerability in multiple products
Net-SNMP through 5.7.3 allows Escalation of Privileges because of UNIX symbolic link (symlink) following.
local
low complexity
net-snmp canonical netapp CWE-59
7.8
7.8
2020-08-19 CVE-2020-14356 NULL Pointer Dereference vulnerability in multiple products
A flaw null pointer dereference in the Linux kernel cgroupv2 subsystem in versions before 5.7.10 was found in the way when reboot the system. 		7.8
7.8
2020-07-20 CVE-2020-15852 Incorrect Default Permissions vulnerability in multiple products
An issue was discovered in the Linux kernel 5.5 through 5.7.9, as used in Xen through 4.13.x for x86 PV guests.
local
low complexity
linux xen netapp CWE-276
7.8
7.8
2020-07-15 CVE-2020-14664 Vulnerability in the Java SE product of Oracle Java SE (component: JavaFX).
network
high complexity
oracle netapp
8.3
8.3
2020-07-15 CVE-2020-14621 Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: JAXP). 5.3
5.3
2020-07-15 CVE-2020-14593 Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: 2D). 7.4
7.4