Vulnerabilities > Netapp > Cloud Manager > 3.7.3

DATE CVE VULNERABILITY TITLE RISK
2021-10-11 CVE-2021-27002 Unspecified vulnerability in Netapp Cloud Manager
NetApp Cloud Manager versions prior to 3.9.10 are susceptible to a vulnerability which could allow a remote unauthenticated attacker to retrieve sensitive data via the web proxy.
network
low complexity
netapp
7.5
2021-08-06 CVE-2021-26998 Information Exposure Through Log Files vulnerability in Netapp Cloud Manager
NetApp Cloud Manager versions prior to 3.9.9 log sensitive information that is available only to authenticated users.
network
low complexity
netapp CWE-532
4.3
2021-08-06 CVE-2021-26999 Information Exposure Through Log Files vulnerability in Netapp Cloud Manager
NetApp Cloud Manager versions prior to 3.9.9 log sensitive information when an Active Directory connection fails.
network
low complexity
netapp CWE-532
4.3
2021-04-01 CVE-2021-28165 Improper Handling of Exceptional Conditions vulnerability in multiple products
In Eclipse Jetty 7.2.2 to 9.4.38, 10.0.0.alpha0 to 10.0.1, and 11.0.0.alpha0 to 11.0.1, CPU usage can reach 100% upon receiving a large invalid TLS frame.
network
low complexity
eclipse oracle jenkins netapp CWE-755
7.5
2021-03-19 CVE-2021-26992 Unspecified vulnerability in Netapp Cloud Manager
Cloud Manager versions prior to 3.9.4 are susceptible to a vulnerability which could allow a remote attacker to cause a Denial of Service (DoS).
network
low complexity
netapp
7.5
2021-03-19 CVE-2021-26991 Unspecified vulnerability in Netapp Cloud Manager
Cloud Manager versions prior to 3.9.4 contain an insecure Cross-Origin Resource Sharing (CORS) policy which could allow a remote attacker to interact with Cloud Manager.
network
low complexity
netapp
7.5
2021-03-19 CVE-2021-26990 Missing Authorization vulnerability in Netapp Cloud Manager
Cloud Manager versions prior to 3.9.4 are susceptible to a vulnerability that could allow a remote attacker to overwrite arbitrary system files.
network
low complexity
netapp CWE-862
critical
9.1