Vulnerabilities > Netapp > Clustered Data Ontap > 9.7
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-01-26 | CVE-2024-21985 | Unspecified vulnerability in Netapp Clustered Data Ontap ONTAP 9 versions prior to 9.9.1P18, 9.10.1P16, 9.11.1P13, 9.12.1P10 and 9.13.1P4 are susceptible to a vulnerability which could allow an authenticated user with multiple remote accounts with differing roles to perform actions via REST API beyond their intended privilege. | 7.6 |
| 2024-01-12 | CVE-2024-21982 | Unspecified vulnerability in Netapp Clustered Data Ontap ONTAP versions 9.4 and higher are susceptible to a vulnerability which when successfully exploited could lead to disclosure of sensitive information to unprivileged attackers when the object-store profiler command is being run by an administrative user. | 6.5 |
| 2023-10-12 | CVE-2023-27314 | Unspecified vulnerability in Netapp Clustered Data Ontap ONTAP 9 versions prior to 9.8P19, 9.9.1P16, 9.10.1P12, 9.11.1P8, 9.12.1P2 and 9.13.1 are susceptible to a vulnerability which could allow a remote unauthenticated attacker to cause a crash of the HTTP service. | 7.5 |
| 2021-10-19 | CVE-2021-27001 | Unspecified vulnerability in Netapp Clustered Data Ontap Clustered Data ONTAP versions 9.x prior to 9.5P18, 9.6P16, 9.7P16, 9.8P7 and 9.9.1P2 are susceptible to a vulnerability which could allow an authenticated privileged local attacker to arbitrarily modify Compliance-mode WORM data prior to the end of the retention period. | 2.1 |
| 2021-10-12 | CVE-2021-27003 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Netapp Clustered Data Ontap Clustered Data ONTAP versions prior to 9.5P18, 9.6P15, 9.7P14, 9.8P5 and 9.9.1 are missing an X-Frame-Options header which could allow a clickjacking attack. | 4.3 |
| 2021-06-04 | CVE-2021-26994 | Unspecified vulnerability in Netapp Clustered Data Ontap Clustered Data ONTAP versions prior to 9.7P13 and 9.8P3 are susceptible to a vulnerability which could allow single workloads to cause a Denial of Service (DoS) on a cluster node. | 4.0 |
| 2020-10-27 | CVE-2020-8579 | Unspecified vulnerability in Netapp Clustered Data Ontap 9.7 Clustered Data ONTAP versions 9.7 through 9.7P7 are susceptible to a vulnerability which allows an attacker with access to an intercluster LIF to cause a Denial of Service (DoS). | 5.0 |
| 2020-09-02 | CVE-2020-8576 | Incorrect Authorization vulnerability in Netapp Clustered Data Ontap 9.3/9.5/9.6 Clustered Data ONTAP versions prior to 9.3P19, 9.5P14, 9.6P9 and 9.7 are susceptible to a vulnerability which when successfully exploited could lead to addition or modification of data or disclosure of sensitive information. | 5.5 |