Vulnerabilities > Netapp > Clustered Data Ontap > 9.5
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-10-09 | CVE-2019-5506 | Improper Certificate Validation vulnerability in Netapp Clustered Data Ontap Clustered Data ONTAP versions 9.0 and higher do not enforce hostname verification under certain circumstances making them susceptible to impersonation via man-in-the-middle attacks. | 4.3 |
2019-09-26 | CVE-2019-10092 | Cross-site Scripting vulnerability in multiple products In Apache HTTP Server 2.4.0-2.4.39, a limited cross-site scripting issue was reported affecting the mod_proxy error page. | 6.1 |
2019-03-21 | CVE-2019-5490 | Insecure Default Initialization of Resource vulnerability in Netapp Service Processor Certain versions between 2.x to 5.x (refer to advisory) of the NetApp Service Processor firmware were shipped with a default account enabled that could allow unauthorized arbitrary command execution. | 10.0 |