Vulnerabilities > Netapp > Cloud Backup > Medium

DATE CVE VULNERABILITY TITLE RISK
2021-06-09 CVE-2020-12359 Insufficient control flow management in the firmware for some Intel(R) Processors may allow an unauthenticated user to potentially enable escalation of privilege via physical access.
low complexity
intel netapp
6.8
2021-06-09 CVE-2020-24486 Improper Input Validation vulnerability in multiple products
Improper input validation in the firmware for some Intel(R) Processors may allow an authenticated user to potentially enable denial of service via local access.
local
low complexity
intel netapp siemens CWE-20
5.5
2021-06-09 CVE-2020-8670 Race Condition vulnerability in multiple products
Race condition in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.
local
high complexity
intel siemens netapp CWE-362
6.4
2021-06-09 CVE-2020-8700 Improper Input Validation vulnerability in multiple products
Improper input validation in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.
local
low complexity
intel netapp CWE-20
6.7
2021-06-09 CVE-2020-8703 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
Improper buffer restrictions in a subsystem in the Intel(R) CSME versions before 11.8.86, 11.12.86, 11.22.86, 12.0.81, 13.0.47, 13.30.17, 14.1.53, 14.5.32 and 15.0.22 may allow a privileged user to potentially enable escalation of privilege via local access.
local
low complexity
intel netapp siemens CWE-119
6.7
2021-05-26 CVE-2020-25673 A vulnerability was found in Linux kernel where non-blocking socket in llcp_sock_connect() leads to leak and eventually hanging-up the system.
local
low complexity
linux fedoraproject netapp
5.5
2021-05-20 CVE-2021-3426 Path Traversal vulnerability in multiple products
There's a flaw in Python 3's pydoc.
5.7
2021-05-10 CVE-2020-13529 Authentication Bypass by Spoofing vulnerability in multiple products
An exploitable denial-of-service vulnerability exists in Systemd 245.
6.1
2021-05-05 CVE-2021-29489 Highcharts JS is a JavaScript charting library based on SVG.
network
low complexity
highcharts netapp
5.4
2021-04-29 CVE-2021-31879 Open Redirect vulnerability in multiple products
GNU Wget through 1.21.1 does not omit the Authorization header upon a redirect to a different origin, a related issue to CVE-2018-1000007.
network
low complexity
gnu broadcom netapp CWE-601
6.1