Vulnerabilities > Netapp > Cloud Manager > Critical

DATE CVE VULNERABILITY TITLE RISK
2021-12-10 CVE-2021-44228 Deserialization of Untrusted Data vulnerability in multiple products
Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints.
10.0
2021-03-19 CVE-2021-26990 Missing Authorization vulnerability in Netapp Cloud Manager
Cloud Manager versions prior to 3.9.4 are susceptible to a vulnerability that could allow a remote attacker to overwrite arbitrary system files.
network
low complexity
netapp CWE-862
critical
9.4