Vulnerabilities > Netapp > Cloud Manager > Medium

DATE CVE VULNERABILITY TITLE RISK
2021-12-18 CVE-2021-45105 Uncontrolled Recursion vulnerability in multiple products
Apache Log4j2 versions 2.0-alpha1 through 2.16.0 (excluding 2.12.3 and 2.3.1) did not protect from uncontrolled recursion from self-referential lookups.
network
high complexity
apache netapp debian sonicwall oracle CWE-674
5.9
2021-12-16 CVE-2021-42550 Deserialization of Untrusted Data vulnerability in multiple products
In logback version 1.2.7 and prior versions, an attacker with the required privileges to edit configurations files could craft a malicious configuration allowing to execute arbitrary code loaded from LDAP servers.
network
high complexity
qos redhat netapp siemens CWE-502
6.6
2021-10-11 CVE-2021-27002 Unspecified vulnerability in Netapp Cloud Manager
NetApp Cloud Manager versions prior to 3.9.10 are susceptible to a vulnerability which could allow a remote unauthenticated attacker to retrieve sensitive data via the web proxy.
network
low complexity
netapp
5.0
2021-08-06 CVE-2021-26998 Information Exposure vulnerability in Netapp Cloud Manager
NetApp Cloud Manager versions prior to 3.9.9 log sensitive information that is available only to authenticated users.
network
low complexity
netapp CWE-200
4.0
2021-08-06 CVE-2021-26999 Information Exposure vulnerability in Netapp Cloud Manager
NetApp Cloud Manager versions prior to 3.9.9 log sensitive information when an Active Directory connection fails.
network
low complexity
netapp CWE-200
4.0
2021-06-08 CVE-2021-31807 Integer Overflow or Wraparound vulnerability in multiple products
An issue was discovered in Squid before 4.15 and 5.x before 5.0.6.
network
low complexity
squid-cache fedoraproject netapp CWE-190
6.5
2021-05-27 CVE-2021-31808 Integer Overflow or Wraparound vulnerability in multiple products
An issue was discovered in Squid before 4.15 and 5.x before 5.0.6.
network
low complexity
squid-cache debian netapp fedoraproject CWE-190
6.5
2021-05-27 CVE-2021-31806 Improper Encoding or Escaping of Output vulnerability in multiple products
An issue was discovered in Squid before 4.15 and 5.x before 5.0.6.
network
low complexity
squid-cache debian fedoraproject netapp CWE-116
6.5
2021-04-01 CVE-2021-28164 In Eclipse Jetty 9.4.37.v20210219 to 9.4.38.v20210224, the default compliance mode allows requests with URIs that contain %2e or %2e%2e segments to access protected resources within the WEB-INF directory.
network
low complexity
eclipse netapp oracle
5.3
2021-03-19 CVE-2021-26992 Unspecified vulnerability in Netapp Cloud Manager
Cloud Manager versions prior to 3.9.4 are susceptible to a vulnerability which could allow a remote attacker to cause a Denial of Service (DoS).
network
low complexity
netapp
5.0